doc/arm/man.rndc-confgen.html

	man.rndc-confgen.html revision 80383d03604b92a452564592e84c2bf831077a41
bcb4e51a409d94ae670de96afb8483a4f7855294Stephan Bosch<!--
570f02698492be6d25035d7a6ff65b2302bdb76dTimo Sirainen - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk - Copyright (C) 2000-2003 Internet Software Consortium.
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk -
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk - Permission to use, copy, modify, and distribute this software for any
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk - purpose with or without fee is hereby granted, provided that the above
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk - copyright notice and this permission notice appear in all copies.
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk -
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk - PERFORMANCE OF THIS SOFTWARE.
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk-->
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<!-- $Id: man.rndc-confgen.html,v 1.128 2009/06/18 01:13:02 tbox Exp $ -->
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk<html>
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk<head>
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk<title>rndc-confgen</title>
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<link rel="prev" href="man.rndc.conf.html" title="rndc.conf">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<link rel="next" href="man.ddns-confgen.html" title="ddns-confgen">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk</head>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<div class="navheader">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<table width="100%" summary="Navigation header">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<tr><th colspan="3" align="center"><span class="application">rndc-confgen</span></th></tr>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<tr>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<td width="20%" align="left">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<a accesskey="p" href="man.rndc.conf.html">Prev</a>�</td>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<th width="60%" align="center">Manual pages</th>
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk<td width="20%" align="right">�<a accesskey="n" href="man.ddns-confgen.html">Next</a>
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk</td>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk</tr>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk</table>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<hr>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk</div>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<div class="refentry" lang="en">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<a name="man.rndc-confgen"></a><div class="titlepage"></div>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<div class="refnamediv">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<h2>Name</h2>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<p><span class="application">rndc-confgen</span> &#8212; rndc key generation tool</p>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk</div>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<div class="refsynopsisdiv">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<h2>Synopsis</h2>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<div class="cmdsynopsis"><p><code class="command">rndc-confgen</code>  [<code class="option">-a</code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-c <em class="replaceable"><code>keyfile</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [<code class="option">-s <em class="replaceable"><code>address</code></em></code>] [<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>]</p></div>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk</div>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<div class="refsect1" lang="en">
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<a name="id2622148"></a><h2>DESCRIPTION</h2>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<p><span><strong class="command">rndc-confgen</strong></span>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk      generates configuration files
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk      for <span><strong class="command">rndc</strong></span>.  It can be used as a
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk      convenient alternative to writing the
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk      <code class="filename">rndc.conf</code> file
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk      and the corresponding <span><strong class="command">controls</strong></span>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk      and <span><strong class="command">key</strong></span>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk      statements in <code class="filename">named.conf</code> by hand.
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk      Alternatively, it can be run with the <span><strong class="command">-a</strong></span>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk      option to set up a <code class="filename">rndc.key</code> file and
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk      avoid the need for a <code class="filename">rndc.conf</code> file
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk      and a <span><strong class="command">controls</strong></span> statement altogether.
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk    </p>
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk</div>
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk<div class="refsect1" lang="en">
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk<a name="id2622214"></a><h2>OPTIONS</h2>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<div class="variablelist"><dl>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<dt><span class="term">-a</span></dt>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<dd>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<p>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            Do automatic <span><strong class="command">rndc</strong></span> configuration.
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            This creates a file <code class="filename">rndc.key</code>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            in <code class="filename">/etc</code> (or whatever
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            <code class="varname">sysconfdir</code>
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk            was specified as when <acronym class="acronym">BIND</acronym> was
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk            built)
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk            that is read by both <span><strong class="command">rndc</strong></span>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            and <span><strong class="command">named</strong></span> on startup.  The
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            <code class="filename">rndc.key</code> file defines a default
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            command channel and authentication key allowing
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            <span><strong class="command">rndc</strong></span> to communicate with
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            <span><strong class="command">named</strong></span> on the local host
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            with no further configuration.
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk          </p>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<p>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            Running <span><strong class="command">rndc-confgen -a</strong></span> allows
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk            BIND 9 and <span><strong class="command">rndc</strong></span> to be used as
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk            drop-in
e7f1247b5ae1290974f9e078ad46c2b6809b2636Pascal Volk            replacements for BIND 8 and <span><strong class="command">ndc</strong></span>,
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            with no changes to the existing BIND 8
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            <code class="filename">named.conf</code> file.
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk          </p>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<p>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            If a more elaborate configuration than that
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            generated by <span><strong class="command">rndc-confgen -a</strong></span>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            is required, for example if rndc is to be used remotely,
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            you should run <span><strong class="command">rndc-confgen</strong></span> without
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            the
da2555e119356b3eb0515b2a7e5785f8b7f69f1aPascal Volk            <span><strong class="command">-a</strong></span> option and set up a
da2555e119356b3eb0515b2a7e5785f8b7f69f1aPascal Volk            <code class="filename">rndc.conf</code> and
da2555e119356b3eb0515b2a7e5785f8b7f69f1aPascal Volk            <code class="filename">named.conf</code>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            as directed.
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk          </p>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk</dd>
da2555e119356b3eb0515b2a7e5785f8b7f69f1aPascal Volk<dt><span class="term">-b <em class="replaceable"><code>keysize</code></em></span></dt>
9fbe48fc13330327c19cdd22e1c24e744b74da07Timo Sirainen<dd><p>
9fbe48fc13330327c19cdd22e1c24e744b74da07Timo Sirainen            Specifies the size of the authentication key in bits.
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            Must be between 1 and 512 bits; the default is 128.
da2555e119356b3eb0515b2a7e5785f8b7f69f1aPascal Volk          </p></dd>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<dt><span class="term">-c <em class="replaceable"><code>keyfile</code></em></span></dt>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<dd><p>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            Used with the <span><strong class="command">-a</strong></span> option to specify
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            an alternate location for <code class="filename">rndc.key</code>.
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk          </p></dd>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<dt><span class="term">-h</span></dt>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk<dd><p>
0610b6dfbdcb6a8f234a6495ec243bcf996b5572Pascal Volk            Prints a short summary of the options and arguments to
            <span><strong class="command">rndc-confgen</strong></span>.
          </p></dd>
<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
<dd><p>
            Specifies the key name of the rndc authentication key.
            This must be a valid domain name.
            The default is <code class="constant">rndc-key</code>.
          </p></dd>
<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
<dd><p>
            Specifies the command channel port where <span><strong class="command">named</strong></span>
            listens for connections from <span><strong class="command">rndc</strong></span>.
            The default is 953.
          </p></dd>
<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
<dd><p>
            Specifies a source of random data for generating the
            authorization.  If the operating
            system does not provide a <code class="filename">/dev/random</code>
            or equivalent device, the default source of randomness
            is keyboard input.  <code class="filename">randomdev</code>
            specifies
            the name of a character device or file containing random
            data to be used instead of the default.  The special value
            <code class="filename">keyboard</code> indicates that keyboard
            input should be used.
          </p></dd>
<dt><span class="term">-s <em class="replaceable"><code>address</code></em></span></dt>
<dd><p>
            Specifies the IP address where <span><strong class="command">named</strong></span>
            listens for command channel connections from
            <span><strong class="command">rndc</strong></span>.  The default is the loopback
            address 127.0.0.1.
          </p></dd>
<dt><span class="term">-t <em class="replaceable"><code>chrootdir</code></em></span></dt>
<dd><p>
            Used with the <span><strong class="command">-a</strong></span> option to specify
            a directory where <span><strong class="command">named</strong></span> will run
            chrooted.  An additional copy of the <code class="filename">rndc.key</code>
            will be written relative to this directory so that
            it will be found by the chrooted <span><strong class="command">named</strong></span>.
          </p></dd>
<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
<dd><p>
            Used with the <span><strong class="command">-a</strong></span> option to set the
            owner
            of the <code class="filename">rndc.key</code> file generated.
            If
            <span><strong class="command">-t</strong></span> is also specified only the file
            in
            the chroot area has its owner changed.
          </p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2634547"></a><h2>EXAMPLES</h2>
<p>
      To allow <span><strong class="command">rndc</strong></span> to be used with
      no manual configuration, run
    </p>
<p><strong class="userinput"><code>rndc-confgen -a</code></strong>
    </p>
<p>
      To print a sample <code class="filename">rndc.conf</code> file and
      corresponding <span><strong class="command">controls</strong></span> and <span><strong class="command">key</strong></span>
      statements to be manually inserted into <code class="filename">named.conf</code>,
      run
    </p>
<p><strong class="userinput"><code>rndc-confgen</code></strong>
    </p>
</div>
<div class="refsect1" lang="en">
<a name="id2634603"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
    </p>
</div>
<div class="refsect1" lang="en">
<a name="id2636212"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
</div>
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="man.rndc.conf.html">Prev</a>�</td>
<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
<td width="40%" align="right">�<a accesskey="n" href="man.ddns-confgen.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">
<code class="filename">rndc.conf</code>�</td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top">�<span class="application">ddns-confgen</span>
</td>
</tr>
</table>
</div>
</body>
</html>