ddns-confgen.html 8.17 KB
Newer Older
1
<!--
Tinderbox User's avatar
Tinderbox User committed
2
 - Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
Automatic Updater's avatar
regen  
Automatic Updater committed
3
 - 
Automatic Updater's avatar
regen  
Automatic Updater committed
4
 - Permission to use, copy, modify, and/or distribute this software for any
5 6
 - purpose with or without fee is hereby granted, provided that the above
 - copyright notice and this permission notice appear in all copies.
Automatic Updater's avatar
regen  
Automatic Updater committed
7
 - 
8 9
 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
Automatic Updater's avatar
regen  
Automatic Updater committed
10
 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
11 12 13 14 15 16 17 18 19
 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 - PERFORMANCE OF THIS SOFTWARE.
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>ddns-confgen</title>
Tinderbox User's avatar
Tinderbox User committed
20
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
21
</head>
Tinderbox User's avatar
Tinderbox User committed
22
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry">
23
<a name="man.ddns-confgen"></a><div class="titlepage"></div>
Tinderbox User's avatar
Tinderbox User committed
24
<div class="refnamediv">
25
<h2>Name</h2>
Tinderbox User's avatar
Tinderbox User committed
26
<p><span class="application">ddns-confgen</span> &#8212; ddns key generation tool</p>
27
</div>
Tinderbox User's avatar
Tinderbox User committed
28
<div class="refsynopsisdiv">
29
<h2>Synopsis</h2>
Tinderbox User's avatar
Tinderbox User committed
30 31 32 33 34 35
<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em>  |   -z <em class="replaceable"><code>zone</code></em> ]</p></div>
</div>
<div class="refsection">
<a name="id-1.7"></a><h2>DESCRIPTION</h2>
<p>
Tinderbox User's avatar
Tinderbox User committed
36
      <span class="command"><strong>tsig-keygen</strong></span> and <span class="command"><strong>ddns-confgen</strong></span>
Tinderbox User's avatar
Tinderbox User committed
37
      are invocation methods for a utility that generates keys for use
Tinderbox User's avatar
Tinderbox User committed
38 39
      in TSIG signing.  The resulting keys can be used, for example,
      to secure dynamic DNS updates to a zone or for the
Tinderbox User's avatar
Tinderbox User committed
40
      <span class="command"><strong>rndc</strong></span> command channel.
Tinderbox User's avatar
Tinderbox User committed
41
    </p>
Tinderbox User's avatar
Tinderbox User committed
42
<p>
Tinderbox User's avatar
Tinderbox User committed
43
      When run as <span class="command"><strong>tsig-keygen</strong></span>, a domain name
Tinderbox User's avatar
Tinderbox User committed
44 45 46
      can be specified on the command line which will be used as
      the name of the generated key.  If no name is specified,
      the default is <code class="constant">tsig-key</code>.
47
    </p>
Tinderbox User's avatar
Tinderbox User committed
48
<p>
Tinderbox User's avatar
Tinderbox User committed
49
      When run as <span class="command"><strong>ddns-confgen</strong></span>, the generated
Tinderbox User's avatar
Tinderbox User committed
50
      key is accompanied by configuration text and instructions
Tinderbox User's avatar
Tinderbox User committed
51 52 53
      that can be used with <span class="command"><strong>nsupdate</strong></span> and
      <span class="command"><strong>named</strong></span> when setting up dynamic DNS,
      including an example <span class="command"><strong>update-policy</strong></span>
Tinderbox User's avatar
Tinderbox User committed
54
      statement.  (This usage similar to the
Tinderbox User's avatar
Tinderbox User committed
55
      <span class="command"><strong>rndc-confgen</strong></span> command for setting
Tinderbox User's avatar
Tinderbox User committed
56
      up command channel security.)
57
    </p>
Tinderbox User's avatar
Tinderbox User committed
58
<p>
Tinderbox User's avatar
Tinderbox User committed
59 60
      Note that <span class="command"><strong>named</strong></span> itself can configure a
      local DDNS key for use with <span class="command"><strong>nsupdate -l</strong></span>:
Tinderbox User's avatar
Tinderbox User committed
61
      it does this when a zone is configured with
Tinderbox User's avatar
Tinderbox User committed
62
      <span class="command"><strong>update-policy local;</strong></span>.
Tinderbox User's avatar
Tinderbox User committed
63
      <span class="command"><strong>ddns-confgen</strong></span> is only needed when a
Tinderbox User's avatar
Tinderbox User committed
64
      more elaborate configuration is required: for instance,
Tinderbox User's avatar
Tinderbox User committed
65
      if <span class="command"><strong>nsupdate</strong></span> is to be used from a remote
Tinderbox User's avatar
Tinderbox User committed
66
      system.
67
    </p>
Tinderbox User's avatar
Tinderbox User committed
68 69 70 71
</div>
<div class="refsection">
<a name="id-1.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
72
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
73
<dd><p>
74 75 76
            Specifies the algorithm to use for the TSIG key.  Available
            choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
            hmac-sha384 and hmac-sha512.  The default is hmac-sha256.
Tinderbox User's avatar
Tinderbox User committed
77 78
            Options are case-insensitive, and the "hmac-" prefix
            may be omitted.
Tinderbox User's avatar
Tinderbox User committed
79
	  </p></dd>
80
<dt><span class="term">-h</span></dt>
Tinderbox User's avatar
Tinderbox User committed
81
<dd><p>
Tinderbox User's avatar
Tinderbox User committed
82
	    Prints a short summary of options and arguments.
Tinderbox User's avatar
Tinderbox User committed
83
	  </p></dd>
84
<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
85
<dd><p>
86
	    Specifies the key name of the DDNS authentication key.
Automatic Updater's avatar
regen  
Automatic Updater committed
87
	    The default is <code class="constant">ddns-key</code> when neither
Automatic Updater's avatar
regen  
Automatic Updater committed
88
	    the <code class="option">-s</code> nor <code class="option">-z</code> option is
Automatic Updater's avatar
regen  
Automatic Updater committed
89 90 91 92
	    specified; otherwise, the default
	    is <code class="constant">ddns-key</code> as a separate label
	    followed by the argument of the option, e.g.,
	    <code class="constant">ddns-key.example.com.</code>
93 94
	    The key name must have the format of a valid domain name,
	    consisting of letters, digits, hyphens and periods.
Tinderbox User's avatar
Tinderbox User committed
95
	  </p></dd>
96
<dt><span class="term">-q</span></dt>
Tinderbox User's avatar
Tinderbox User committed
97
<dd><p>
Tinderbox User's avatar
Tinderbox User committed
98
	    (<span class="command"><strong>ddns-confgen</strong></span> only.) Quiet mode:  Print
Tinderbox User's avatar
Tinderbox User committed
99
            only the key, with no explanatory text or usage examples;
Tinderbox User's avatar
Tinderbox User committed
100
            This is essentially identical to <span class="command"><strong>tsig-keygen</strong></span>.
Tinderbox User's avatar
Tinderbox User committed
101
	  </p></dd>
102
<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
103
<dd><p>
104 105 106 107 108 109 110 111 112
            Specifies a source of random data for generating the
            authorization.  If the operating system does not provide a
            <code class="filename">/dev/random</code> or equivalent device, the
            default source of randomness is keyboard input.
            <code class="filename">randomdev</code> specifies the name of a
            character device or file containing random data to be used
            instead of the default.  The special value
            <code class="filename">keyboard</code> indicates that keyboard input
            should be used.
Tinderbox User's avatar
Tinderbox User committed
113
	  </p></dd>
Automatic Updater's avatar
regen  
Automatic Updater committed
114
<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
115
<dd><p>
Tinderbox User's avatar
Tinderbox User committed
116
            (<span class="command"><strong>ddns-confgen</strong></span> only.)
Tinderbox User's avatar
Tinderbox User committed
117
	    Generate configuration example to allow dynamic updates
Tinderbox User's avatar
Tinderbox User committed
118
            of a single hostname.  The example <span class="command"><strong>named.conf</strong></span>
Tinderbox User's avatar
Tinderbox User committed
119 120 121
            text shows how to set an update policy for the specified
            <em class="replaceable"><code>name</code></em>
	    using the "name" nametype.  The default key name is
Automatic Updater's avatar
regen  
Automatic Updater committed
122 123 124 125
	    ddns-key.<em class="replaceable"><code>name</code></em>.
	    Note that the "self" nametype cannot be used, since
	    the name to be updated may differ from the key name.
	    This option cannot be used with the <code class="option">-z</code> option.
Tinderbox User's avatar
Tinderbox User committed
126
	  </p></dd>
Automatic Updater's avatar
regen  
Automatic Updater committed
127
<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
128
<dd><p>
Tinderbox User's avatar
Tinderbox User committed
129
            (<span class="command"><strong>ddns-confgen</strong></span> only.)
Tinderbox User's avatar
Tinderbox User committed
130
	    Generate configuration example to allow dynamic updates
Tinderbox User's avatar
Tinderbox User committed
131
            of a zone:  The example <span class="command"><strong>named.conf</strong></span> text
Automatic Updater's avatar
regen  
Automatic Updater committed
132 133
            shows how to set an update policy for the specified
	    <em class="replaceable"><code>zone</code></em>
Tinderbox User's avatar
Tinderbox User committed
134 135 136
	    using the "zonesub" nametype, allowing updates to
            all subdomain names within that
            <em class="replaceable"><code>zone</code></em>.
Automatic Updater's avatar
regen  
Automatic Updater committed
137
	    This option cannot be used with the <code class="option">-s</code> option.
Tinderbox User's avatar
Tinderbox User committed
138
	  </p></dd>
139
</dl></div>
Tinderbox User's avatar
Tinderbox User committed
140 141 142 143 144 145
</div>
<div class="refsection">
<a name="id-1.9"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
      <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
146 147
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
    </p>
Tinderbox User's avatar
Tinderbox User committed
148
</div>
149 150
</div></body>
</html>