Blob Blame History Raw
.\" Copyright (C) 2009, 2014-2016, 2018-2020 Internet Systems Consortium, Inc. ("ISC")
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
.\" file, You can obtain one at
.hy 0
.ad l
'\" t
.\"     Title: ddns-confgen
.\"    Author: 
.\" Generator: DocBook XSL Stylesheets v1.79.1 <>
.\"      Date: 2014-03-06
.\"    Manual: BIND9
.\"    Source: ISC
.\"  Language: English
.TH "DDNS\-CONFGEN" "8" "2014\-03\-06" "ISC" "BIND9"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" -----------------------------------------------------------------
ddns-confgen \- ddns key generation tool
.HP \w'\fBtsig\-keygen\fR\ 'u
\fBtsig\-keygen\fR [\fB\-a\ \fR\fB\fIalgorithm\fR\fR] [\fB\-h\fR] [\fB\-r\ \fR\fB\fIrandomfile\fR\fR] [name]
.HP \w'\fBddns\-confgen\fR\ 'u
\fBddns\-confgen\fR [\fB\-a\ \fR\fB\fIalgorithm\fR\fR] [\fB\-h\fR] [\fB\-k\ \fR\fB\fIkeyname\fR\fR] [\fB\-q\fR] [\fB\-r\ \fR\fB\fIrandomfile\fR\fR] [\-s\ \fIname\fR | \-z\ \fIzone\fR]
are invocation methods for a utility that generates keys for use in TSIG signing\&. The resulting keys can be used, for example, to secure dynamic DNS updates to a zone or for the
command channel\&.
When run as
\fBtsig\-keygen\fR, a domain name can be specified on the command line which will be used as the name of the generated key\&. If no name is specified, the default is
When run as
\fBddns\-confgen\fR, the generated key is accompanied by configuration text and instructions that can be used with
when setting up dynamic DNS, including an example
statement\&. (This usage similar to the
command for setting up command channel security\&.)
Note that
itself can configure a local DDNS key for use with
\fBnsupdate \-l\fR: it does this when a zone is configured with
\fBupdate\-policy local;\fR\&.
is only needed when a more elaborate configuration is required: for instance, if
is to be used from a remote system\&.
\-a \fIalgorithm\fR
.RS 4
Specifies the algorithm to use for the TSIG key\&. Available choices are: hmac\-md5, hmac\-sha1, hmac\-sha224, hmac\-sha256, hmac\-sha384 and hmac\-sha512\&. The default is hmac\-sha256\&. Options are case\-insensitive, and the "hmac\-" prefix may be omitted\&.
.RS 4
Prints a short summary of options and arguments\&.
\-k \fIkeyname\fR
.RS 4
Specifies the key name of the DDNS authentication key\&. The default is
when neither the
option is specified; otherwise, the default is
as a separate label followed by the argument of the option, e\&.g\&.,
The key name must have the format of a valid domain name, consisting of letters, digits, hyphens and periods\&.
.RS 4
only\&.) Quiet mode: Print only the key, with no explanatory text or usage examples; This is essentially identical to
\-r \fIrandomfile\fR
.RS 4
Specifies a source of random data for generating the authorization\&. If the operating system does not provide a
or equivalent device, the default source of randomness is keyboard input\&.
specifies the name of a character device or file containing random data to be used instead of the default\&. The special value
indicates that keyboard input should be used\&.
\-s \fIname\fR
.RS 4
only\&.) Generate configuration example to allow dynamic updates of a single hostname\&. The example
text shows how to set an update policy for the specified
using the "name" nametype\&. The default key name is ddns\-key\&.\fIname\fR\&. Note that the "self" nametype cannot be used, since the name to be updated may differ from the key name\&. This option cannot be used with the
\-z \fIzone\fR
.RS 4
only\&.) Generate configuration example to allow dynamic updates of a zone: The example
text shows how to set an update policy for the specified
using the "zonesub" nametype, allowing updates to all subdomain names within that
\fIzone\fR\&. This option cannot be used with the
BIND 9 Administrator Reference Manual\&.
\fBInternet Systems Consortium, Inc\&.\fR
Copyright \(co 2009, 2014-2016, 2018-2020 Internet Systems Consortium, Inc. ("ISC")