rndc-confgen.8 6.25 KB
Newer Older
Tinderbox User's avatar
Tinderbox User committed
1
.\" Copyright (C) 2004, 2005, 2007, 2009, 2013-2016 Internet Systems Consortium, Inc. ("ISC")
Automatic Updater's avatar
regen  
Automatic Updater committed
2 3
.\" Copyright (C) 2001, 2003 Internet Software Consortium.
.\" 
Automatic Updater's avatar
regen  
Automatic Updater committed
4
.\" Permission to use, copy, modify, and/or distribute this software for any
5 6
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
Automatic Updater's avatar
regen  
Automatic Updater committed
7
.\" 
8 9
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
Automatic Updater's avatar
regen  
Automatic Updater committed
10
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
11 12 13 14 15 16 17
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.hy 0
.ad l
Tinderbox User's avatar
Tinderbox User committed
18 19
'\" t
.\"     Title: rndc-confgen
Automatic Updater's avatar
regen  
Automatic Updater committed
20
.\"    Author: 
Tinderbox User's avatar
Tinderbox User committed
21
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
Tinderbox User's avatar
Tinderbox User committed
22
.\"      Date: 2013-03-14
Automatic Updater's avatar
regen  
Automatic Updater committed
23
.\"    Manual: BIND9
Tinderbox User's avatar
Tinderbox User committed
24 25
.\"    Source: ISC
.\"  Language: English
Automatic Updater's avatar
regen  
Automatic Updater committed
26
.\"
Tinderbox User's avatar
Tinderbox User committed
27 28 29 30 31 32 33 34 35 36 37 38 39
.TH "RNDC\-CONFGEN" "8" "2013\-03\-14" "ISC" "BIND9"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
Automatic Updater's avatar
regen  
Automatic Updater committed
40 41 42 43
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
Tinderbox User's avatar
Tinderbox User committed
44 45 46
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
Automatic Updater's avatar
regen  
Automatic Updater committed
47
.SH "NAME"
Tinderbox User's avatar
Tinderbox User committed
48
rndc-confgen \- rndc key generation tool
49
.SH "SYNOPSIS"
Tinderbox User's avatar
Tinderbox User committed
50
.HP \w'\fBrndc\-confgen\fR\ 'u
Tinderbox User's avatar
Tinderbox User committed
51
\fBrndc\-confgen\fR [\fB\-a\fR] [\fB\-A\ \fR\fB\fIalgorithm\fR\fR] [\fB\-b\ \fR\fB\fIkeysize\fR\fR] [\fB\-c\ \fR\fB\fIkeyfile\fR\fR] [\fB\-h\fR] [\fB\-k\ \fR\fB\fIkeyname\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-r\ \fR\fB\fIrandomfile\fR\fR] [\fB\-s\ \fR\fB\fIaddress\fR\fR] [\fB\-t\ \fR\fB\fIchrootdir\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR]
52 53
.SH "DESCRIPTION"
.PP
Automatic Updater's avatar
regen  
Automatic Updater committed
54 55
\fBrndc\-confgen\fR
generates configuration files for
Tinderbox User's avatar
Tinderbox User committed
56 57
\fBrndc\fR\&. It can be used as a convenient alternative to writing the
rndc\&.conf
Automatic Updater's avatar
regen  
Automatic Updater committed
58 59 60 61 62
file and the corresponding
\fBcontrols\fR
and
\fBkey\fR
statements in
Tinderbox User's avatar
Tinderbox User committed
63 64
named\&.conf
by hand\&. Alternatively, it can be run with the
Automatic Updater's avatar
regen  
Automatic Updater committed
65 66
\fB\-a\fR
option to set up a
Tinderbox User's avatar
Tinderbox User committed
67
rndc\&.key
Automatic Updater's avatar
regen  
Automatic Updater committed
68
file and avoid the need for a
Tinderbox User's avatar
Tinderbox User committed
69
rndc\&.conf
Automatic Updater's avatar
regen  
Automatic Updater committed
70 71
file and a
\fBcontrols\fR
Tinderbox User's avatar
Tinderbox User committed
72
statement altogether\&.
73
.SH "OPTIONS"
Automatic Updater's avatar
regen  
Automatic Updater committed
74
.PP
75
\-a
Automatic Updater's avatar
regen  
Automatic Updater committed
76 77 78
.RS 4
Do automatic
\fBrndc\fR
Tinderbox User's avatar
Tinderbox User committed
79 80
configuration\&. This creates a file
rndc\&.key
Automatic Updater's avatar
regen  
Automatic Updater committed
81
in
Tinderbox User's avatar
Tinderbox User committed
82
/etc
Automatic Updater's avatar
regen  
Automatic Updater committed
83 84 85 86 87 88 89 90
(or whatever
\fIsysconfdir\fR
was specified as when
BIND
was built) that is read by both
\fBrndc\fR
and
\fBnamed\fR
Tinderbox User's avatar
Tinderbox User committed
91 92
on startup\&. The
rndc\&.key
Automatic Updater's avatar
regen  
Automatic Updater committed
93 94 95 96
file defines a default command channel and authentication key allowing
\fBrndc\fR
to communicate with
\fBnamed\fR
Tinderbox User's avatar
Tinderbox User committed
97
on the local host with no further configuration\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
98 99 100 101 102 103 104
.sp
Running
\fBrndc\-confgen \-a\fR
allows BIND 9 and
\fBrndc\fR
to be used as drop\-in replacements for BIND 8 and
\fBndc\fR, with no changes to the existing BIND 8
Tinderbox User's avatar
Tinderbox User committed
105 106
named\&.conf
file\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
107 108 109 110 111 112 113 114
.sp
If a more elaborate configuration than that generated by
\fBrndc\-confgen \-a\fR
is required, for example if rndc is to be used remotely, you should run
\fBrndc\-confgen\fR
without the
\fB\-a\fR
option and set up a
Tinderbox User's avatar
Tinderbox User committed
115
rndc\&.conf
Automatic Updater's avatar
regen  
Automatic Updater committed
116
and
Tinderbox User's avatar
Tinderbox User committed
117 118
named\&.conf
as directed\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
119 120
.RE
.PP
Tinderbox User's avatar
Tinderbox User committed
121 122
\-A \fIalgorithm\fR
.RS 4
Tinderbox User's avatar
Tinderbox User committed
123
Specifies the algorithm to use for the TSIG key\&. Available choices are: hmac\-md5, hmac\-sha1, hmac\-sha224, hmac\-sha256, hmac\-sha384 and hmac\-sha512\&. The default is hmac\-md5\&.
Tinderbox User's avatar
Tinderbox User committed
124 125
.RE
.PP
126
\-b \fIkeysize\fR
Automatic Updater's avatar
regen  
Automatic Updater committed
127
.RS 4
Tinderbox User's avatar
Tinderbox User committed
128
Specifies the size of the authentication key in bits\&. Must be between 1 and 512 bits; the default is the hash size\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
129 130
.RE
.PP
131
\-c \fIkeyfile\fR
Automatic Updater's avatar
regen  
Automatic Updater committed
132 133 134 135
.RS 4
Used with the
\fB\-a\fR
option to specify an alternate location for
Tinderbox User's avatar
Tinderbox User committed
136
rndc\&.key\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
137 138
.RE
.PP
139
\-h
Automatic Updater's avatar
regen  
Automatic Updater committed
140 141
.RS 4
Prints a short summary of the options and arguments to
Tinderbox User's avatar
Tinderbox User committed
142
\fBrndc\-confgen\fR\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
143 144
.RE
.PP
145
\-k \fIkeyname\fR
Automatic Updater's avatar
regen  
Automatic Updater committed
146
.RS 4
Tinderbox User's avatar
Tinderbox User committed
147 148
Specifies the key name of the rndc authentication key\&. This must be a valid domain name\&. The default is
\fBrndc\-key\fR\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
149 150
.RE
.PP
151
\-p \fIport\fR
Automatic Updater's avatar
regen  
Automatic Updater committed
152 153 154 155
.RS 4
Specifies the command channel port where
\fBnamed\fR
listens for connections from
Tinderbox User's avatar
Tinderbox User committed
156
\fBrndc\fR\&. The default is 953\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
157 158
.RE
.PP
159
\-r \fIrandomfile\fR
Automatic Updater's avatar
regen  
Automatic Updater committed
160
.RS 4
Tinderbox User's avatar
Tinderbox User committed
161 162 163 164 165 166 167
Specifies a source of random data for generating the authorization\&. If the operating system does not provide a
/dev/random
or equivalent device, the default source of randomness is keyboard input\&.
randomdev
specifies the name of a character device or file containing random data to be used instead of the default\&. The special value
keyboard
indicates that keyboard input should be used\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
168 169
.RE
.PP
170
\-s \fIaddress\fR
Automatic Updater's avatar
regen  
Automatic Updater committed
171 172 173 174
.RS 4
Specifies the IP address where
\fBnamed\fR
listens for command channel connections from
Tinderbox User's avatar
Tinderbox User committed
175
\fBrndc\fR\&. The default is the loopback address 127\&.0\&.0\&.1\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
176 177
.RE
.PP
178
\-t \fIchrootdir\fR
Automatic Updater's avatar
regen  
Automatic Updater committed
179 180 181 182 183
.RS 4
Used with the
\fB\-a\fR
option to specify a directory where
\fBnamed\fR
Tinderbox User's avatar
Tinderbox User committed
184 185
will run chrooted\&. An additional copy of the
rndc\&.key
Automatic Updater's avatar
regen  
Automatic Updater committed
186
will be written relative to this directory so that it will be found by the chrooted
Tinderbox User's avatar
Tinderbox User committed
187
\fBnamed\fR\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
188 189
.RE
.PP
190
\-u \fIuser\fR
Automatic Updater's avatar
regen  
Automatic Updater committed
191 192 193 194
.RS 4
Used with the
\fB\-a\fR
option to set the owner of the
Tinderbox User's avatar
Tinderbox User committed
195 196
rndc\&.key
file generated\&. If
Automatic Updater's avatar
regen  
Automatic Updater committed
197
\fB\-t\fR
Tinderbox User's avatar
Tinderbox User committed
198
is also specified only the file in the chroot area has its owner changed\&.
Automatic Updater's avatar
regen  
Automatic Updater committed
199
.RE
200 201
.SH "EXAMPLES"
.PP
Automatic Updater's avatar
regen  
Automatic Updater committed
202 203 204
To allow
\fBrndc\fR
to be used with no manual configuration, run
205
.PP
Automatic Updater's avatar
regen  
Automatic Updater committed
206
\fBrndc\-confgen \-a\fR
207
.PP
Automatic Updater's avatar
regen  
Automatic Updater committed
208
To print a sample
Tinderbox User's avatar
Tinderbox User committed
209
rndc\&.conf
Automatic Updater's avatar
regen  
Automatic Updater committed
210 211 212 213 214
file and corresponding
\fBcontrols\fR
and
\fBkey\fR
statements to be manually inserted into
Tinderbox User's avatar
Tinderbox User committed
215
named\&.conf, run
216
.PP
Automatic Updater's avatar
regen  
Automatic Updater committed
217
\fBrndc\-confgen\fR
218 219
.SH "SEE ALSO"
.PP
Automatic Updater's avatar
regen  
Automatic Updater committed
220 221 222
\fBrndc\fR(8),
\fBrndc.conf\fR(5),
\fBnamed\fR(8),
Tinderbox User's avatar
Tinderbox User committed
223
BIND 9 Administrator Reference Manual\&.
224 225
.SH "AUTHOR"
.PP
Tinderbox User's avatar
Tinderbox User committed
226
\fBInternet Systems Consortium, Inc\&.\fR
Automatic Updater's avatar
regen  
Automatic Updater committed
227
.SH "COPYRIGHT"
Tinderbox User's avatar
Tinderbox User committed
228
.br
Tinderbox User's avatar
Tinderbox User committed
229
Copyright \(co 2004, 2005, 2007, 2009, 2013-2016 Internet Systems Consortium, Inc. ("ISC")
Automatic Updater's avatar
regen  
Automatic Updater committed
230 231
.br
Copyright \(co 2001, 2003 Internet Software Consortium.
Automatic Updater's avatar
regen  
Automatic Updater committed
232
.br