doc/arm/man.rndc-confgen.html

	man.rndc-confgen.html revision 80383d03604b92a452564592e84c2bf831077a41
d389069a397c99347b5b281f90577e19e7662b03Mark Andrews<!--
731c2e5f0f7067e0fc85ca459983857e2f9ecd4cTinderbox User - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
d389069a397c99347b5b281f90577e19e7662b03Mark Andrews - Copyright (C) 2000-2003 Internet Software Consortium.
731c2e5f0f7067e0fc85ca459983857e2f9ecd4cTinderbox User -
e24ec1cb1238c734ac2b2ab86c189479aa426422Mark Andrews - Permission to use, copy, modify, and distribute this software for any
 - purpose with or without fee is hereby granted, provided that the above
 - copyright notice and this permission notice appear in all copies.
 -
 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 - PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: man.rndc-confgen.html,v 1.128 2009/06/18 01:13:02 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>rndc-confgen</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
<link rel="prev" href="man.rndc.conf.html" title="rndc.conf">
<link rel="next" href="man.ddns-confgen.html" title="ddns-confgen">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
<table width="100%" summary="Navigation header">
<tr><th colspan="3" align="center"><span class="application">rndc-confgen</span></th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="man.rndc.conf.html">Prev</a>�</td>
<th width="60%" align="center">Manual pages</th>
<td width="20%" align="right">�<a accesskey="n" href="man.ddns-confgen.html">Next</a>
</td>
</tr>
</table>
<hr>
</div>
<div class="refentry" lang="en">
<a name="man.rndc-confgen"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">rndc-confgen</span> &#8212; rndc key generation tool</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">rndc-confgen</code>  [<code class="option">-a</code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-c <em class="replaceable"><code>keyfile</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [<code class="option">-s <em class="replaceable"><code>address</code></em></code>] [<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2622148"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">rndc-confgen</strong></span>
      generates configuration files
      for <span><strong class="command">rndc</strong></span>.  It can be used as a
      convenient alternative to writing the
      <code class="filename">rndc.conf</code> file
      and the corresponding <span><strong class="command">controls</strong></span>
      and <span><strong class="command">key</strong></span>
      statements in <code class="filename">named.conf</code> by hand.
      Alternatively, it can be run with the <span><strong class="command">-a</strong></span>
      option to set up a <code class="filename">rndc.key</code> file and
      avoid the need for a <code class="filename">rndc.conf</code> file
      and a <span><strong class="command">controls</strong></span> statement altogether.
    </p>
</div>
<div class="refsect1" lang="en">
<a name="id2622214"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a</span></dt>
<dd>
<p>
            Do automatic <span><strong class="command">rndc</strong></span> configuration.
            This creates a file <code class="filename">rndc.key</code>
            in <code class="filename">/etc</code> (or whatever
            <code class="varname">sysconfdir</code>
            was specified as when <acronym class="acronym">BIND</acronym> was
            built)
            that is read by both <span><strong class="command">rndc</strong></span>
            and <span><strong class="command">named</strong></span> on startup.  The
            <code class="filename">rndc.key</code> file defines a default
            command channel and authentication key allowing
            <span><strong class="command">rndc</strong></span> to communicate with
            <span><strong class="command">named</strong></span> on the local host
            with no further configuration.
          </p>
<p>
            Running <span><strong class="command">rndc-confgen -a</strong></span> allows
            BIND 9 and <span><strong class="command">rndc</strong></span> to be used as
            drop-in
            replacements for BIND 8 and <span><strong class="command">ndc</strong></span>,
            with no changes to the existing BIND 8
            <code class="filename">named.conf</code> file.
          </p>
<p>
            If a more elaborate configuration than that
            generated by <span><strong class="command">rndc-confgen -a</strong></span>
            is required, for example if rndc is to be used remotely,
            you should run <span><strong class="command">rndc-confgen</strong></span> without
            the
            <span><strong class="command">-a</strong></span> option and set up a
            <code class="filename">rndc.conf</code> and
            <code class="filename">named.conf</code>
            as directed.
          </p>
</dd>
<dt><span class="term">-b <em class="replaceable"><code>keysize</code></em></span></dt>
<dd><p>
            Specifies the size of the authentication key in bits.
            Must be between 1 and 512 bits; the default is 128.
          </p></dd>
<dt><span class="term">-c <em class="replaceable"><code>keyfile</code></em></span></dt>
<dd><p>
            Used with the <span><strong class="command">-a</strong></span> option to specify
            an alternate location for <code class="filename">rndc.key</code>.
          </p></dd>
<dt><span class="term">-h</span></dt>
<dd><p>
            Prints a short summary of the options and arguments to
            <span><strong class="command">rndc-confgen</strong></span>.
          </p></dd>
<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
<dd><p>
            Specifies the key name of the rndc authentication key.
            This must be a valid domain name.
            The default is <code class="constant">rndc-key</code>.
          </p></dd>
<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
<dd><p>
            Specifies the command channel port where <span><strong class="command">named</strong></span>
            listens for connections from <span><strong class="command">rndc</strong></span>.
            The default is 953.
          </p></dd>
<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
<dd><p>
            Specifies a source of random data for generating the
            authorization.  If the operating
            system does not provide a <code class="filename">/dev/random</code>
            or equivalent device, the default source of randomness
            is keyboard input.  <code class="filename">randomdev</code>
            specifies
            the name of a character device or file containing random
            data to be used instead of the default.  The special value
            <code class="filename">keyboard</code> indicates that keyboard
            input should be used.
          </p></dd>
<dt><span class="term">-s <em class="replaceable"><code>address</code></em></span></dt>
<dd><p>
            Specifies the IP address where <span><strong class="command">named</strong></span>
            listens for command channel connections from
            <span><strong class="command">rndc</strong></span>.  The default is the loopback
            address 127.0.0.1.
          </p></dd>
<dt><span class="term">-t <em class="replaceable"><code>chrootdir</code></em></span></dt>
<dd><p>
            Used with the <span><strong class="command">-a</strong></span> option to specify
            a directory where <span><strong class="command">named</strong></span> will run
            chrooted.  An additional copy of the <code class="filename">rndc.key</code>
            will be written relative to this directory so that
            it will be found by the chrooted <span><strong class="command">named</strong></span>.
          </p></dd>
<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
<dd><p>
            Used with the <span><strong class="command">-a</strong></span> option to set the
            owner
            of the <code class="filename">rndc.key</code> file generated.
            If
            <span><strong class="command">-t</strong></span> is also specified only the file
            in
            the chroot area has its owner changed.
          </p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2634547"></a><h2>EXAMPLES</h2>
<p>
      To allow <span><strong class="command">rndc</strong></span> to be used with
      no manual configuration, run
    </p>
<p><strong class="userinput"><code>rndc-confgen -a</code></strong>
    </p>
<p>
      To print a sample <code class="filename">rndc.conf</code> file and
      corresponding <span><strong class="command">controls</strong></span> and <span><strong class="command">key</strong></span>
      statements to be manually inserted into <code class="filename">named.conf</code>,
      run
    </p>
<p><strong class="userinput"><code>rndc-confgen</code></strong>
    </p>
</div>
<div class="refsect1" lang="en">
<a name="id2634603"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
    </p>
</div>
<div class="refsect1" lang="en">
<a name="id2636212"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
</div>
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="man.rndc.conf.html">Prev</a>�</td>
<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
<td width="40%" align="right">�<a accesskey="n" href="man.ddns-confgen.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">
<code class="filename">rndc.conf</code>�</td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top">�<span class="application">ddns-confgen</span>
</td>
</tr>
</table>
</div>
</body>
</html>