man.rndc-confgen.html revision a24330c4805a224191ab687d0291963062fe3355
402N/A<!--
402N/A - Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
402N/A - Copyright (C) 2000-2003 Internet Software Consortium.
402N/A -
402N/A - Permission to use, copy, modify, and/or distribute this software for any
402N/A - purpose with or without fee is hereby granted, provided that the above
402N/A - copyright notice and this permission notice appear in all copies.
402N/A -
402N/A - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
402N/A - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
402N/A - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
402N/A - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
402N/A - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
402N/A - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
402N/A - PERFORMANCE OF THIS SOFTWARE.
402N/A-->
402N/A<!-- $Id$ -->
402N/A<html>
402N/A<head>
402N/A<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
814N/A<title>rndc-confgen</title>
402N/A<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
814N/A<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
814N/A<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
814N/A<link rel="prev" href="man.rndc.conf.html" title="rndc.conf">
814N/A<link rel="next" href="man.ddns-confgen.html" title="ddns-confgen">
814N/A</head>
402N/A<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
402N/A<div class="navheader">
402N/A<table width="100%" summary="Navigation header">
402N/A<tr><th colspan="3" align="center"><span class="application">rndc-confgen</span></th></tr>
402N/A<tr>
402N/A<td width="20%" align="left">
618N/A<a accesskey="p" href="man.rndc.conf.html">Prev</a>�</td>
402N/A<th width="60%" align="center">Manual pages</th>
402N/A<td width="20%" align="right">�<a accesskey="n" href="man.ddns-confgen.html">Next</a>
402N/A</td>
844N/A</tr>
844N/A</table>
402N/A<hr>
402N/A</div>
814N/A<div class="refentry" lang="en">
814N/A<a name="man.rndc-confgen"></a><div class="titlepage"></div>
402N/A<div class="refnamediv">
402N/A<h2>Name</h2>
402N/A<p><span class="application">rndc-confgen</span> &#8212; rndc key generation tool</p>
402N/A</div>
402N/A<div class="refsynopsisdiv">
402N/A<h2>Synopsis</h2>
402N/A<div class="cmdsynopsis"><p><code class="command">rndc-confgen</code> [<code class="option">-a</code>] [<code class="option">-A <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-c <em class="replaceable"><code>keyfile</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [<code class="option">-s <em class="replaceable"><code>address</code></em></code>] [<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>]</p></div>
402N/A</div>
402N/A<div class="refsect1" lang="en">
402N/A<a name="id2657958"></a><h2>DESCRIPTION</h2>
402N/A<p><span><strong class="command">rndc-confgen</strong></span>
402N/A generates configuration files
402N/A for <span><strong class="command">rndc</strong></span>. It can be used as a
402N/A convenient alternative to writing the
402N/A <code class="filename">rndc.conf</code> file
402N/A and the corresponding <span><strong class="command">controls</strong></span>
402N/A and <span><strong class="command">key</strong></span>
402N/A statements in <code class="filename">named.conf</code> by hand.
402N/A Alternatively, it can be run with the <span><strong class="command">-a</strong></span>
402N/A option to set up a <code class="filename">rndc.key</code> file and
402N/A avoid the need for a <code class="filename">rndc.conf</code> file
402N/A and a <span><strong class="command">controls</strong></span> statement altogether.
402N/A </p>
402N/A</div>
402N/A<div class="refsect1" lang="en">
402N/A<a name="id2661437"></a><h2>OPTIONS</h2>
402N/A<div class="variablelist"><dl>
402N/A<dt><span class="term">-a</span></dt>
402N/A<dd>
402N/A<p>
402N/A Do automatic <span><strong class="command">rndc</strong></span> configuration.
402N/A This creates a file <code class="filename">rndc.key</code>
402N/A in <code class="filename">/etc</code> (or whatever
402N/A <code class="varname">sysconfdir</code>
402N/A was specified as when <acronym class="acronym">BIND</acronym> was
402N/A built)
402N/A that is read by both <span><strong class="command">rndc</strong></span>
402N/A and <span><strong class="command">named</strong></span> on startup. The
402N/A <code class="filename">rndc.key</code> file defines a default
402N/A command channel and authentication key allowing
402N/A <span><strong class="command">rndc</strong></span> to communicate with
402N/A <span><strong class="command">named</strong></span> on the local host
402N/A with no further configuration.
402N/A </p>
402N/A<p>
402N/A Running <span><strong class="command">rndc-confgen -a</strong></span> allows
459N/A BIND 9 and <span><strong class="command">rndc</strong></span> to be used as
402N/A drop-in
402N/A replacements for BIND 8 and <span><strong class="command">ndc</strong></span>,
402N/A with no changes to the existing BIND 8
402N/A <code class="filename">named.conf</code> file.
402N/A </p>
402N/A<p>
402N/A If a more elaborate configuration than that
402N/A generated by <span><strong class="command">rndc-confgen -a</strong></span>
402N/A is required, for example if rndc is to be used remotely,
402N/A you should run <span><strong class="command">rndc-confgen</strong></span> without
402N/A the
402N/A <span><strong class="command">-a</strong></span> option and set up a
402N/A <code class="filename">rndc.conf</code> and
402N/A <code class="filename">named.conf</code>
402N/A as directed.
402N/A </p>
402N/A</dd>
402N/A<dt><span class="term">-A <em class="replaceable"><code>algorithm</code></em></span></dt>
402N/A<dd><p>
402N/A Specifies the algorithm to use for the TSIG key. Available
402N/A choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
402N/A hmac-sha384 and hmac-sha512. The default is hmac-md5.
402N/A </p></dd>
402N/A<dt><span class="term">-b <em class="replaceable"><code>keysize</code></em></span></dt>
402N/A<dd><p>
402N/A Specifies the size of the authentication key in bits.
402N/A Must be between 1 and 512 bits; the default is the
402N/A hash size.
402N/A </p></dd>
402N/A<dt><span class="term">-c <em class="replaceable"><code>keyfile</code></em></span></dt>
402N/A<dd><p>
402N/A Used with the <span><strong class="command">-a</strong></span> option to specify
402N/A an alternate location for <code class="filename">rndc.key</code>.
402N/A </p></dd>
402N/A<dt><span class="term">-h</span></dt>
402N/A<dd><p>
402N/A Prints a short summary of the options and arguments to
402N/A <span><strong class="command">rndc-confgen</strong></span>.
402N/A </p></dd>
402N/A<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
402N/A<dd><p>
402N/A Specifies the key name of the rndc authentication key.
402N/A This must be a valid domain name.
402N/A The default is <code class="constant">rndc-key</code>.
402N/A </p></dd>
402N/A<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
402N/A<dd><p>
402N/A Specifies the command channel port where <span><strong class="command">named</strong></span>
402N/A listens for connections from <span><strong class="command">rndc</strong></span>.
402N/A The default is 953.
402N/A </p></dd>
402N/A<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
402N/A<dd><p>
402N/A Specifies a source of random data for generating the
402N/A authorization. If the operating
402N/A system does not provide a <code class="filename">/dev/random</code>
402N/A or equivalent device, the default source of randomness
402N/A is keyboard input. <code class="filename">randomdev</code>
402N/A specifies
402N/A the name of a character device or file containing random
402N/A data to be used instead of the default. The special value
402N/A <code class="filename">keyboard</code> indicates that keyboard
402N/A input should be used.
402N/A </p></dd>
402N/A<dt><span class="term">-s <em class="replaceable"><code>address</code></em></span></dt>
402N/A<dd><p>
402N/A Specifies the IP address where <span><strong class="command">named</strong></span>
402N/A listens for command channel connections from
402N/A <span><strong class="command">rndc</strong></span>. The default is the loopback
402N/A address 127.0.0.1.
402N/A </p></dd>
402N/A<dt><span class="term">-t <em class="replaceable"><code>chrootdir</code></em></span></dt>
402N/A<dd><p>
402N/A Used with the <span><strong class="command">-a</strong></span> option to specify
402N/A a directory where <span><strong class="command">named</strong></span> will run
402N/A chrooted. An additional copy of the <code class="filename">rndc.key</code>
402N/A will be written relative to this directory so that
402N/A it will be found by the chrooted <span><strong class="command">named</strong></span>.
402N/A </p></dd>
402N/A<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
402N/A<dd><p>
402N/A Used with the <span><strong class="command">-a</strong></span> option to set the
402N/A owner
402N/A of the <code class="filename">rndc.key</code> file generated.
402N/A If
402N/A <span><strong class="command">-t</strong></span> is also specified only the file
402N/A in
402N/A the chroot area has its owner changed.
402N/A </p></dd>
402N/A</dl></div>
402N/A</div>
402N/A<div class="refsect1" lang="en">
402N/A<a name="id2661841"></a><h2>EXAMPLES</h2>
402N/A<p>
402N/A To allow <span><strong class="command">rndc</strong></span> to be used with
402N/A no manual configuration, run
402N/A </p>
402N/A<p><strong class="userinput"><code>rndc-confgen -a</code></strong>
402N/A </p>
402N/A<p>
402N/A To print a sample <code class="filename">rndc.conf</code> file and
402N/A corresponding <span><strong class="command">controls</strong></span> and <span><strong class="command">key</strong></span>
402N/A statements to be manually inserted into <code class="filename">named.conf</code>,
402N/A run
402N/A </p>
402N/A<p><strong class="userinput"><code>rndc-confgen</code></strong>
402N/A </p>
402N/A</div>
402N/A<div class="refsect1" lang="en">
402N/A<a name="id2665106"></a><h2>SEE ALSO</h2>
402N/A<p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
402N/A <span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
402N/A <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
402N/A <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
402N/A </p>
402N/A</div>
402N/A<div class="refsect1" lang="en">
402N/A<a name="id2665144"></a><h2>AUTHOR</h2>
402N/A<p><span class="corpauthor">Internet Systems Consortium</span>
402N/A </p>
402N/A</div>
402N/A</div>
402N/A<div class="navfooter">
402N/A<hr>
402N/A<table width="100%" summary="Navigation footer">
402N/A<tr>
402N/A<td width="40%" align="left">
402N/A<a accesskey="p" href="man.rndc.conf.html">Prev</a>�</td>
402N/A<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
402N/A<td width="40%" align="right">�<a accesskey="n" href="man.ddns-confgen.html">Next</a>
402N/A</td>
402N/A</tr>
402N/A<tr>
402N/A<td width="40%" align="left" valign="top">
402N/A<code class="filename">rndc.conf</code>�</td>
402N/A<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
402N/A<td width="40%" align="right" valign="top">�<span class="application">ddns-confgen</span>
402N/A</td>
402N/A</tr>
402N/A</table>
402N/A</div>
402N/A</body>
402N/A</html>
402N/A