ddns-confgen.html 7.67 KB
Newer Older
1
<!--
Tinderbox User's avatar
Tinderbox User committed
2
 - Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
Automatic Updater's avatar
regen  
Automatic Updater committed
3
 - 
Tinderbox User's avatar
Tinderbox User committed
4 5 6
 - This Source Code Form is subject to the terms of the Mozilla Public
 - License, v. 2.0. If a copy of the MPL was not distributed with this
 - file, You can obtain one at http://mozilla.org/MPL/2.0/.
7 8 9 10 11
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>ddns-confgen</title>
Tinderbox User's avatar
Tinderbox User committed
12
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
13
</head>
Tinderbox User's avatar
Tinderbox User committed
14
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry">
15
<a name="man.ddns-confgen"></a><div class="titlepage"></div>
Tinderbox User's avatar
Tinderbox User committed
16
<div class="refnamediv">
17
<h2>Name</h2>
Tinderbox User's avatar
Tinderbox User committed
18
<p><span class="application">ddns-confgen</span> &#8212; ddns key generation tool</p>
19
</div>
Tinderbox User's avatar
Tinderbox User committed
20
<div class="refsynopsisdiv">
21
<h2>Synopsis</h2>
Tinderbox User's avatar
Tinderbox User committed
22 23 24 25 26 27
<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em>  |   -z <em class="replaceable"><code>zone</code></em> ]</p></div>
</div>
<div class="refsection">
<a name="id-1.7"></a><h2>DESCRIPTION</h2>
<p>
Tinderbox User's avatar
Tinderbox User committed
28
      <span class="command"><strong>tsig-keygen</strong></span> and <span class="command"><strong>ddns-confgen</strong></span>
Tinderbox User's avatar
Tinderbox User committed
29
      are invocation methods for a utility that generates keys for use
Tinderbox User's avatar
Tinderbox User committed
30 31
      in TSIG signing.  The resulting keys can be used, for example,
      to secure dynamic DNS updates to a zone or for the
Tinderbox User's avatar
Tinderbox User committed
32
      <span class="command"><strong>rndc</strong></span> command channel.
Tinderbox User's avatar
Tinderbox User committed
33
    </p>
Tinderbox User's avatar
Tinderbox User committed
34
<p>
Tinderbox User's avatar
Tinderbox User committed
35
      When run as <span class="command"><strong>tsig-keygen</strong></span>, a domain name
Tinderbox User's avatar
Tinderbox User committed
36 37 38
      can be specified on the command line which will be used as
      the name of the generated key.  If no name is specified,
      the default is <code class="constant">tsig-key</code>.
39
    </p>
Tinderbox User's avatar
Tinderbox User committed
40
<p>
Tinderbox User's avatar
Tinderbox User committed
41
      When run as <span class="command"><strong>ddns-confgen</strong></span>, the generated
Tinderbox User's avatar
Tinderbox User committed
42
      key is accompanied by configuration text and instructions
Tinderbox User's avatar
Tinderbox User committed
43 44 45
      that can be used with <span class="command"><strong>nsupdate</strong></span> and
      <span class="command"><strong>named</strong></span> when setting up dynamic DNS,
      including an example <span class="command"><strong>update-policy</strong></span>
Tinderbox User's avatar
Tinderbox User committed
46
      statement.  (This usage similar to the
Tinderbox User's avatar
Tinderbox User committed
47
      <span class="command"><strong>rndc-confgen</strong></span> command for setting
Tinderbox User's avatar
Tinderbox User committed
48
      up command channel security.)
49
    </p>
Tinderbox User's avatar
Tinderbox User committed
50
<p>
Tinderbox User's avatar
Tinderbox User committed
51 52
      Note that <span class="command"><strong>named</strong></span> itself can configure a
      local DDNS key for use with <span class="command"><strong>nsupdate -l</strong></span>:
Tinderbox User's avatar
Tinderbox User committed
53
      it does this when a zone is configured with
Tinderbox User's avatar
Tinderbox User committed
54
      <span class="command"><strong>update-policy local;</strong></span>.
Tinderbox User's avatar
Tinderbox User committed
55
      <span class="command"><strong>ddns-confgen</strong></span> is only needed when a
Tinderbox User's avatar
Tinderbox User committed
56
      more elaborate configuration is required: for instance,
Tinderbox User's avatar
Tinderbox User committed
57
      if <span class="command"><strong>nsupdate</strong></span> is to be used from a remote
Tinderbox User's avatar
Tinderbox User committed
58
      system.
59
    </p>
Tinderbox User's avatar
Tinderbox User committed
60 61 62 63
</div>
<div class="refsection">
<a name="id-1.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
64
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
65
<dd><p>
66 67 68
            Specifies the algorithm to use for the TSIG key.  Available
            choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
            hmac-sha384 and hmac-sha512.  The default is hmac-sha256.
Tinderbox User's avatar
Tinderbox User committed
69 70
            Options are case-insensitive, and the "hmac-" prefix
            may be omitted.
Tinderbox User's avatar
Tinderbox User committed
71
	  </p></dd>
72
<dt><span class="term">-h</span></dt>
Tinderbox User's avatar
Tinderbox User committed
73
<dd><p>
Tinderbox User's avatar
Tinderbox User committed
74
	    Prints a short summary of options and arguments.
Tinderbox User's avatar
Tinderbox User committed
75
	  </p></dd>
76
<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
77
<dd><p>
78
	    Specifies the key name of the DDNS authentication key.
Automatic Updater's avatar
regen  
Automatic Updater committed
79
	    The default is <code class="constant">ddns-key</code> when neither
Automatic Updater's avatar
regen  
Automatic Updater committed
80
	    the <code class="option">-s</code> nor <code class="option">-z</code> option is
Automatic Updater's avatar
regen  
Automatic Updater committed
81 82 83 84
	    specified; otherwise, the default
	    is <code class="constant">ddns-key</code> as a separate label
	    followed by the argument of the option, e.g.,
	    <code class="constant">ddns-key.example.com.</code>
85 86
	    The key name must have the format of a valid domain name,
	    consisting of letters, digits, hyphens and periods.
Tinderbox User's avatar
Tinderbox User committed
87
	  </p></dd>
88
<dt><span class="term">-q</span></dt>
Tinderbox User's avatar
Tinderbox User committed
89
<dd><p>
Tinderbox User's avatar
Tinderbox User committed
90
	    (<span class="command"><strong>ddns-confgen</strong></span> only.) Quiet mode:  Print
Tinderbox User's avatar
Tinderbox User committed
91
            only the key, with no explanatory text or usage examples;
Tinderbox User's avatar
Tinderbox User committed
92
            This is essentially identical to <span class="command"><strong>tsig-keygen</strong></span>.
Tinderbox User's avatar
Tinderbox User committed
93
	  </p></dd>
94
<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
95
<dd><p>
96 97 98 99 100 101 102 103 104
            Specifies a source of random data for generating the
            authorization.  If the operating system does not provide a
            <code class="filename">/dev/random</code> or equivalent device, the
            default source of randomness is keyboard input.
            <code class="filename">randomdev</code> specifies the name of a
            character device or file containing random data to be used
            instead of the default.  The special value
            <code class="filename">keyboard</code> indicates that keyboard input
            should be used.
Tinderbox User's avatar
Tinderbox User committed
105
	  </p></dd>
Automatic Updater's avatar
regen  
Automatic Updater committed
106
<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
107
<dd><p>
Tinderbox User's avatar
Tinderbox User committed
108
            (<span class="command"><strong>ddns-confgen</strong></span> only.)
Tinderbox User's avatar
Tinderbox User committed
109
	    Generate configuration example to allow dynamic updates
Tinderbox User's avatar
Tinderbox User committed
110
            of a single hostname.  The example <span class="command"><strong>named.conf</strong></span>
Tinderbox User's avatar
Tinderbox User committed
111 112 113
            text shows how to set an update policy for the specified
            <em class="replaceable"><code>name</code></em>
	    using the "name" nametype.  The default key name is
Automatic Updater's avatar
regen  
Automatic Updater committed
114 115 116 117
	    ddns-key.<em class="replaceable"><code>name</code></em>.
	    Note that the "self" nametype cannot be used, since
	    the name to be updated may differ from the key name.
	    This option cannot be used with the <code class="option">-z</code> option.
Tinderbox User's avatar
Tinderbox User committed
118
	  </p></dd>
Automatic Updater's avatar
regen  
Automatic Updater committed
119
<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
120
<dd><p>
Tinderbox User's avatar
Tinderbox User committed
121
            (<span class="command"><strong>ddns-confgen</strong></span> only.)
Tinderbox User's avatar
Tinderbox User committed
122
	    Generate configuration example to allow dynamic updates
Tinderbox User's avatar
Tinderbox User committed
123
            of a zone:  The example <span class="command"><strong>named.conf</strong></span> text
Automatic Updater's avatar
regen  
Automatic Updater committed
124 125
            shows how to set an update policy for the specified
	    <em class="replaceable"><code>zone</code></em>
Tinderbox User's avatar
Tinderbox User committed
126 127 128
	    using the "zonesub" nametype, allowing updates to
            all subdomain names within that
            <em class="replaceable"><code>zone</code></em>.
Automatic Updater's avatar
regen  
Automatic Updater committed
129
	    This option cannot be used with the <code class="option">-s</code> option.
Tinderbox User's avatar
Tinderbox User committed
130
	  </p></dd>
131
</dl></div>
Tinderbox User's avatar
Tinderbox User committed
132 133 134 135 136 137
</div>
<div class="refsection">
<a name="id-1.9"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
      <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
138 139
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
    </p>
Tinderbox User's avatar
Tinderbox User committed
140
</div>
141 142
</div></body>
</html>