man.rndc-confgen.html revision 0ce865f8b2e652d6fe0c029e3538f4cc7e009fe1
0N/A<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
2027N/A<!--
0N/A - Copyright (C) 2000-2016 Internet Systems Consortium, Inc. ("ISC")
0N/A -
0N/A - This Source Code Form is subject to the terms of the Mozilla Public
0N/A - License, v. 2.0. If a copy of the MPL was not distributed with this
0N/A - file, You can obtain one at http://mozilla.org/MPL/2.0/.
0N/A-->
0N/A<html lang="en">
0N/A<head>
0N/A<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
0N/A<title>rndc-confgen</title>
0N/A<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
0N/A<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
0N/A<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
0N/A<link rel="prev" href="man.rndc.conf.html" title="rndc.conf">
0N/A<link rel="next" href="man.ddns-confgen.html" title="ddns-confgen">
0N/A</head>
1472N/A<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
1472N/A<div class="navheader">
1472N/A<table width="100%" summary="Navigation header">
0N/A<tr><th colspan="3" align="center"><span class="application">rndc-confgen</span></th></tr>
0N/A<tr>
0N/A<td width="20%" align="left">
1879N/A<a accesskey="p" href="man.rndc.conf.html">Prev</a>�</td>
1879N/A<th width="60%" align="center">Manual pages</th>
1879N/A<td width="20%" align="right">�<a accesskey="n" href="man.ddns-confgen.html">Next</a>
1879N/A</td>
1879N/A</tr>
1879N/A</table>
1879N/A<hr>
1879N/A</div>
1879N/A<div class="refentry">
1879N/A<a name="man.rndc-confgen"></a><div class="titlepage"></div>
1879N/A
1879N/A
1879N/A
1879N/A
1879N/A
1879N/A <div class="refnamediv">
1879N/A<h2>Name</h2>
1879N/A<p>
1879N/A <span class="application">rndc-confgen</span>
1929N/A &#8212; rndc key generation tool
1929N/A </p>
1879N/A</div>
1879N/A
1879N/A
1879N/A
1879N/A <div class="refsynopsisdiv">
1879N/A<h2>Synopsis</h2>
1879N/A <div class="cmdsynopsis"><p>
1879N/A <code class="command">rndc-confgen</code>
1879N/A [<code class="option">-a</code>]
0N/A [<code class="option">-A <em class="replaceable"><code>algorithm</code></em></code>]
0N/A [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>]
0N/A [<code class="option">-c <em class="replaceable"><code>keyfile</code></em></code>]
0N/A [<code class="option">-h</code>]
0N/A [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>]
0N/A [<code class="option">-p <em class="replaceable"><code>port</code></em></code>]
0N/A [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>]
0N/A [<code class="option">-s <em class="replaceable"><code>address</code></em></code>]
0N/A [<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>]
0N/A [<code class="option">-u <em class="replaceable"><code>user</code></em></code>]
0N/A </p></div>
0N/A </div>
0N/A
0N/A <div class="refsection">
0N/A<a name="id-1.14.29.7"></a><h2>DESCRIPTION</h2>
0N/A
0N/A <p><span class="command"><strong>rndc-confgen</strong></span>
0N/A generates configuration files
0N/A for <span class="command"><strong>rndc</strong></span>. It can be used as a
0N/A convenient alternative to writing the
0N/A <code class="filename">rndc.conf</code> file
0N/A and the corresponding <span class="command"><strong>controls</strong></span>
0N/A and <span class="command"><strong>key</strong></span>
0N/A statements in <code class="filename">named.conf</code> by hand.
0N/A Alternatively, it can be run with the <span class="command"><strong>-a</strong></span>
0N/A option to set up a <code class="filename">rndc.key</code> file and
0N/A avoid the need for a <code class="filename">rndc.conf</code> file
0N/A and a <span class="command"><strong>controls</strong></span> statement altogether.
0N/A </p>
0N/A
0N/A </div>
0N/A
0N/A <div class="refsection">
0N/A<a name="id-1.14.29.8"></a><h2>OPTIONS</h2>
0N/A
0N/A
0N/A <div class="variablelist"><dl class="variablelist">
0N/A<dt><span class="term">-a</span></dt>
0N/A<dd>
0N/A <p>
0N/A Do automatic <span class="command"><strong>rndc</strong></span> configuration.
0N/A This creates a file <code class="filename">rndc.key</code>
0N/A in <code class="filename">/etc</code> (or whatever
0N/A <code class="varname">sysconfdir</code>
0N/A was specified as when <acronym class="acronym">BIND</acronym> was
0N/A built)
0N/A that is read by both <span class="command"><strong>rndc</strong></span>
0N/A and <span class="command"><strong>named</strong></span> on startup. The
0N/A <code class="filename">rndc.key</code> file defines a default
0N/A command channel and authentication key allowing
0N/A <span class="command"><strong>rndc</strong></span> to communicate with
0N/A <span class="command"><strong>named</strong></span> on the local host
0N/A with no further configuration.
0N/A </p>
0N/A <p>
0N/A Running <span class="command"><strong>rndc-confgen -a</strong></span> allows
0N/A BIND 9 and <span class="command"><strong>rndc</strong></span> to be used as
0N/A drop-in
0N/A replacements for BIND 8 and <span class="command"><strong>ndc</strong></span>,
417N/A with no changes to the existing BIND 8
417N/A <code class="filename">named.conf</code> file.
0N/A </p>
417N/A <p>
0N/A If a more elaborate configuration than that
417N/A generated by <span class="command"><strong>rndc-confgen -a</strong></span>
0N/A is required, for example if rndc is to be used remotely,
0N/A you should run <span class="command"><strong>rndc-confgen</strong></span> without
0N/A the
0N/A <span class="command"><strong>-a</strong></span> option and set up a
0N/A <code class="filename">rndc.conf</code> and
0N/A <code class="filename">named.conf</code>
0N/A as directed.
0N/A </p>
0N/A </dd>
0N/A<dt><span class="term">-A <em class="replaceable"><code>algorithm</code></em></span></dt>
0N/A<dd>
0N/A <p>
0N/A Specifies the algorithm to use for the TSIG key. Available
0N/A choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
0N/A hmac-sha384 and hmac-sha512. The default is hmac-md5 or
0N/A if MD5 was disabled hmac-sha256.
0N/A </p>
0N/A </dd>
1204N/A<dt><span class="term">-b <em class="replaceable"><code>keysize</code></em></span></dt>
1204N/A<dd>
1204N/A <p>
1204N/A Specifies the size of the authentication key in bits.
1204N/A Must be between 1 and 512 bits; the default is the
0N/A hash size.
0N/A </p>
0N/A </dd>
0N/A<dt><span class="term">-c <em class="replaceable"><code>keyfile</code></em></span></dt>
0N/A<dd>
0N/A <p>
0N/A Used with the <span class="command"><strong>-a</strong></span> option to specify
0N/A an alternate location for <code class="filename">rndc.key</code>.
0N/A </p>
0N/A </dd>
0N/A<dt><span class="term">-h</span></dt>
0N/A<dd>
0N/A <p>
0N/A Prints a short summary of the options and arguments to
0N/A <span class="command"><strong>rndc-confgen</strong></span>.
0N/A </p>
0N/A </dd>
0N/A<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
0N/A<dd>
0N/A <p>
0N/A Specifies the key name of the rndc authentication key.
0N/A This must be a valid domain name.
0N/A The default is <code class="constant">rndc-key</code>.
0N/A </p>
0N/A </dd>
0N/A<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
0N/A<dd>
0N/A <p>
0N/A Specifies the command channel port where <span class="command"><strong>named</strong></span>
0N/A listens for connections from <span class="command"><strong>rndc</strong></span>.
0N/A The default is 953.
0N/A </p>
0N/A </dd>
0N/A<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
0N/A<dd>
0N/A <p>
0N/A Specifies a source of random data for generating the
0N/A authorization. If the operating
0N/A system does not provide a <code class="filename">/dev/random</code>
0N/A or equivalent device, the default source of randomness
0N/A is keyboard input. <code class="filename">randomdev</code>
0N/A specifies
0N/A the name of a character device or file containing random
0N/A data to be used instead of the default. The special value
0N/A <code class="filename">keyboard</code> indicates that keyboard
0N/A input should be used.
0N/A </p>
0N/A </dd>
0N/A<dt><span class="term">-s <em class="replaceable"><code>address</code></em></span></dt>
0N/A<dd>
0N/A <p>
0N/A Specifies the IP address where <span class="command"><strong>named</strong></span>
0N/A listens for command channel connections from
0N/A <span class="command"><strong>rndc</strong></span>. The default is the loopback
0N/A address 127.0.0.1.
0N/A </p>
0N/A </dd>
0N/A<dt><span class="term">-t <em class="replaceable"><code>chrootdir</code></em></span></dt>
0N/A<dd>
0N/A <p>
0N/A Used with the <span class="command"><strong>-a</strong></span> option to specify
0N/A a directory where <span class="command"><strong>named</strong></span> will run
0N/A chrooted. An additional copy of the <code class="filename">rndc.key</code>
0N/A will be written relative to this directory so that
0N/A it will be found by the chrooted <span class="command"><strong>named</strong></span>.
0N/A </p>
0N/A </dd>
0N/A<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
0N/A<dd>
0N/A <p>
0N/A Used with the <span class="command"><strong>-a</strong></span> option to set the
0N/A owner
0N/A of the <code class="filename">rndc.key</code> file generated.
0N/A If
0N/A <span class="command"><strong>-t</strong></span> is also specified only the file
0N/A in
0N/A the chroot area has its owner changed.
0N/A </p>
0N/A </dd>
0N/A</dl></div>
0N/A </div>
0N/A
0N/A <div class="refsection">
0N/A<a name="id-1.14.29.9"></a><h2>EXAMPLES</h2>
0N/A
0N/A <p>
0N/A To allow <span class="command"><strong>rndc</strong></span> to be used with
0N/A no manual configuration, run
0N/A </p>
0N/A <p><strong class="userinput"><code>rndc-confgen -a</code></strong>
0N/A </p>
0N/A <p>
0N/A To print a sample <code class="filename">rndc.conf</code> file and
0N/A corresponding <span class="command"><strong>controls</strong></span> and <span class="command"><strong>key</strong></span>
0N/A statements to be manually inserted into <code class="filename">named.conf</code>,
0N/A run
0N/A </p>
0N/A <p><strong class="userinput"><code>rndc-confgen</code></strong>
0N/A </p>
0N/A </div>
0N/A
0N/A <div class="refsection">
0N/A<a name="id-1.14.29.10"></a><h2>SEE ALSO</h2>
1647N/A
1647N/A <p><span class="citerefentry">
0N/A <span class="refentrytitle">rndc</span>(8)
0N/A </span>,
0N/A <span class="citerefentry">
0N/A <span class="refentrytitle">rndc.conf</span>(5)
1647N/A </span>,
1647N/A <span class="citerefentry">
1647N/A <span class="refentrytitle">named</span>(8)
0N/A </span>,
0N/A <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
0N/A </p>
0N/A </div>
0N/A
0N/A</div>
0N/A<div class="navfooter">
0N/A<hr>
0N/A<table width="100%" summary="Navigation footer">
0N/A<tr>
0N/A<td width="40%" align="left">
0N/A<a accesskey="p" href="man.rndc.conf.html">Prev</a>�</td>
0N/A<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
0N/A<td width="40%" align="right">�<a accesskey="n" href="man.ddns-confgen.html">Next</a>
0N/A</td>
0N/A</tr>
0N/A<tr>
0N/A<td width="40%" align="left" valign="top">
0N/A<code class="filename">rndc.conf</code>�</td>
0N/A<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
0N/A<td width="40%" align="right" valign="top">�<span class="application">ddns-confgen</span>
0N/A</td>
1647N/A</tr>
1647N/A</table>
1647N/A</div>
1647N/A<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.1rc1</p>
1647N/A</body>
0N/A</html>
0N/A