402N/A - Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") 402N/A - Copyright (C) 2000-2003 Internet Software Consortium. 402N/A - Permission to use, copy, modify, and/or distribute this software for any 402N/A - purpose with or without fee is hereby granted, provided that the above 402N/A - copyright notice and this permission notice appear in all copies. 402N/A - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 402N/A - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 402N/A - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 402N/A - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 402N/A - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 402N/A - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 402N/A - PERFORMANCE OF THIS SOFTWARE. 402N/A<
meta http-
equiv="Content-Type" content="text/html; charset=ISO-8859-1">
814N/A<
title>rndc-confgen</
title>
402N/A<
meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
814N/A<
link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
402N/A<
body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
402N/A<
table width="100%" summary="Navigation header">
402N/A<
tr><
th colspan="3" align="center"><
span class="application">rndc-confgen</
span></
th></
tr>
402N/A<
td width="20%" align="left">
402N/A<
th width="60%" align="center">Manual pages</
th>
814N/A<
div class="refentry" lang="en">
402N/A<
div class="refnamediv">
402N/A<
p><
span class="application">rndc-confgen</
span> — rndc key generation tool</
p>
402N/A<
div class="refsynopsisdiv">
402N/A<
div class="cmdsynopsis"><
p><
code class="command">rndc-confgen</
code> [<
code class="option">-a</
code>] [<
code class="option">-A <
em class="replaceable"><
code>algorithm</
code></
em></
code>] [<
code class="option">-b <
em class="replaceable"><
code>keysize</
code></
em></
code>] [<
code class="option">-c <
em class="replaceable"><
code>keyfile</
code></
em></
code>] [<
code class="option">-h</
code>] [<
code class="option">-k <
em class="replaceable"><
code>keyname</
code></
em></
code>] [<
code class="option">-p <
em class="replaceable"><
code>port</
code></
em></
code>] [<
code class="option">-r <
em class="replaceable"><
code>randomfile</
code></
em></
code>] [<
code class="option">-s <
em class="replaceable"><
code>address</
code></
em></
code>] [<
code class="option">-t <
em class="replaceable"><
code>chrootdir</
code></
em></
code>] [<
code class="option">-u <
em class="replaceable"><
code>user</
code></
em></
code>]</
p></
div>
402N/A<
div class="refsect1" lang="en">
402N/A<
a name="id2657958"></
a><
h2>DESCRIPTION</
h2>
402N/A<
p><
span><
strong class="command">rndc-confgen</
strong></
span>
402N/A generates configuration files
402N/A for <
span><
strong class="command">rndc</
strong></
span>. It can be used as a
402N/A convenient alternative to writing the
402N/A and the corresponding <
span><
strong class="command">controls</
strong></
span>
402N/A and <
span><
strong class="command">key</
strong></
span>
402N/A Alternatively, it can be run with the <
span><
strong class="command">-a</
strong></
span>
402N/A option to set up a <
code class="filename">
rndc.key</
code> file and
402N/A and a <
span><
strong class="command">controls</
strong></
span> statement altogether.
402N/A<
div class="refsect1" lang="en">
402N/A<
a name="id2661437"></
a><
h2>OPTIONS</
h2>
402N/A<
div class="variablelist"><
dl>
402N/A<
dt><
span class="term">-a</
span></
dt>
402N/A Do automatic <
span><
strong class="command">rndc</
strong></
span> configuration.
402N/A in <
code class="filename">/etc</
code> (or whatever
402N/A <
code class="varname">sysconfdir</
code>
402N/A was specified as when <
acronym class="acronym">BIND</
acronym> was
402N/A that is read by both <
span><
strong class="command">rndc</
strong></
span>
402N/A and <
span><
strong class="command">named</
strong></
span> on startup. The
402N/A command channel and authentication key allowing
402N/A <
span><
strong class="command">rndc</
strong></
span> to communicate with
402N/A <
span><
strong class="command">named</
strong></
span> on the local host
402N/A with no further configuration.
402N/A Running <
span><
strong class="command">rndc-confgen -a</
strong></
span> allows
459N/A BIND 9 and <
span><
strong class="command">rndc</
strong></
span> to be used as
402N/A replacements for BIND 8 and <
span><
strong class="command">ndc</
strong></
span>,
402N/A with no changes to the existing BIND 8
402N/A If a more elaborate configuration than that
402N/A generated by <
span><
strong class="command">rndc-confgen -a</
strong></
span>
402N/A is required, for example if rndc is to be used remotely,
402N/A you should run <
span><
strong class="command">rndc-confgen</
strong></
span> without
402N/A <
span><
strong class="command">-a</
strong></
span> option and set up a
402N/A<
dt><
span class="term">-A <
em class="replaceable"><
code>algorithm</
code></
em></
span></
dt>
402N/A Specifies the algorithm to use for the TSIG key. Available
402N/A choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
402N/A hmac-sha384 and hmac-sha512. The default is hmac-md5.
402N/A<
dt><
span class="term">-b <
em class="replaceable"><
code>keysize</
code></
em></
span></
dt>
402N/A Specifies the size of the authentication key in bits.
402N/A Must be between 1 and 512 bits; the default is the
402N/A<
dt><
span class="term">-c <
em class="replaceable"><
code>keyfile</
code></
em></
span></
dt>
402N/A Used with the <
span><
strong class="command">-a</
strong></
span> option to specify
402N/A an alternate location for <
code class="filename">
rndc.key</
code>.
402N/A<
dt><
span class="term">-h</
span></
dt>
402N/A Prints a short summary of the options and arguments to
402N/A <
span><
strong class="command">rndc-confgen</
strong></
span>.
402N/A<
dt><
span class="term">-k <
em class="replaceable"><
code>keyname</
code></
em></
span></
dt>
402N/A Specifies the key name of the rndc authentication key.
402N/A This must be a valid domain name.
402N/A The default is <
code class="constant">rndc-key</
code>.
402N/A<
dt><
span class="term">-p <
em class="replaceable"><
code>port</
code></
em></
span></
dt>
402N/A Specifies the command channel port where <
span><
strong class="command">named</
strong></
span>
402N/A listens for connections from <
span><
strong class="command">rndc</
strong></
span>.
402N/A<
dt><
span class="term">-r <
em class="replaceable"><
code>randomfile</
code></
em></
span></
dt>
402N/A Specifies a source of random data for generating the
402N/A authorization. If the operating
402N/A or equivalent device, the default source of randomness
402N/A is keyboard input. <
code class="filename">randomdev</
code>
402N/A the name of a character device or file containing random
402N/A data to be used instead of the default. The special value
402N/A <
code class="filename">keyboard</
code> indicates that keyboard
402N/A<
dt><
span class="term">-s <
em class="replaceable"><
code>address</
code></
em></
span></
dt>
402N/A Specifies the IP address where <
span><
strong class="command">named</
strong></
span>
402N/A listens for command channel connections from
402N/A <
span><
strong class="command">rndc</
strong></
span>. The default is the loopback
402N/A<
dt><
span class="term">-t <
em class="replaceable"><
code>chrootdir</
code></
em></
span></
dt>
402N/A Used with the <
span><
strong class="command">-a</
strong></
span> option to specify
402N/A a directory where <
span><
strong class="command">named</
strong></
span> will run
402N/A chrooted. An additional copy of the <
code class="filename">
rndc.key</
code>
402N/A will be written relative to this directory so that
402N/A it will be found by the chrooted <
span><
strong class="command">named</
strong></
span>.
402N/A<
dt><
span class="term">-u <
em class="replaceable"><
code>user</
code></
em></
span></
dt>
402N/A Used with the <
span><
strong class="command">-a</
strong></
span> option to set the
402N/A <
span><
strong class="command">-t</
strong></
span> is also specified only the file
402N/A the chroot area has its owner changed.
402N/A<
div class="refsect1" lang="en">
402N/A<
a name="id2661841"></
a><
h2>EXAMPLES</
h2>
402N/A To allow <
span><
strong class="command">rndc</
strong></
span> to be used with
402N/A no manual configuration, run
402N/A<
p><
strong class="userinput"><
code>rndc-confgen -a</
code></
strong>
402N/A corresponding <
span><
strong class="command">controls</
strong></
span> and <
span><
strong class="command">key</
strong></
span>
402N/A statements to be manually inserted into <
code class="filename">
named.conf</
code>,
402N/A<
p><
strong class="userinput"><
code>rndc-confgen</
code></
strong>
402N/A<
div class="refsect1" lang="en">
402N/A<
a name="id2665106"></
a><
h2>SEE ALSO</
h2>
402N/A<
p><
span class="citerefentry"><
span class="refentrytitle">rndc</
span>(8)</
span>,
402N/A <
span class="citerefentry"><
span class="refentrytitle">
rndc.conf</
span>(5)</
span>,
402N/A <
span class="citerefentry"><
span class="refentrytitle">named</
span>(8)</
span>,
402N/A <
em class="citetitle">BIND 9 Administrator Reference Manual</
em>.
402N/A<
div class="refsect1" lang="en">
402N/A<
a name="id2665144"></
a><
h2>AUTHOR</
h2>
402N/A<
p><
span class="corpauthor">Internet Systems Consortium</
span>
402N/A<
table width="100%" summary="Navigation footer">
402N/A<
td width="40%" align="left">
402N/A<
td width="40%" align="left" valign="top">
402N/A<
td width="20%" align="center"><
a accesskey="h" href="Bv9ARM.html">Home</
a></
td>
402N/A<
td width="40%" align="right" valign="top">�<
span class="application">ddns-confgen</
span>