bind/doc/man/ddns-confgen.8in

.\" Man page generated from reStructuredText.
.
.TH "DDNS-CONFGEN" "8" "@RELEASE_DATE@" "@BIND9_VERSION@" "BIND 9"
.SH NAME
ddns-confgen \- ddns key generation tool
.
.nr rst2man-indent-level 0
.
.de1 rstReportMargin
\\$1 \\n[an-margin]
level \\n[rst2man-indent-level]
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
-
\\n[rst2man-indent0]
\\n[rst2man-indent1]
\\n[rst2man-indent2]
..
.de1 INDENT
.\" .rstReportMargin pre:
. RS \\$1
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
. nr rst2man-indent-level +1
.\" .rstReportMargin post:
..
.de UNINDENT
. RE
.\" indent \\n[an-margin]
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
.nr rst2man-indent-level -1
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
..
.SH SYNOPSIS
.sp
\fBtsig\-keygen\fP [\fB\-a\fP algorithm] [\fB\-h\fP] [\fB\-r\fP randomfile] [name]
.sp
\fBddns\-confgen\fP [\fB\-a\fP algorithm] [\fB\-h\fP] [\fB\-k\fP keyname] [\fB\-q\fP] [\fB\-r\fP randomfile] [\fB\-s\fP name] [\fB\-z\fP zone]
.SH DESCRIPTION
.sp
\fBtsig\-keygen\fP and \fBddns\-confgen\fP are invocation methods for a
utility that generates keys for use in TSIG signing. The resulting keys
can be used, for example, to secure dynamic DNS updates to a zone or for
the \fBrndc\fP command channel.
.sp
When run as \fBtsig\-keygen\fP, a domain name can be specified on the
command line which will be used as the name of the generated key. If no
name is specified, the default is \fBtsig\-key\fP\&.
.sp
When run as \fBddns\-confgen\fP, the generated key is accompanied by
configuration text and instructions that can be used with \fBnsupdate\fP
and \fBnamed\fP when setting up dynamic DNS, including an example
\fBupdate\-policy\fP statement. (This usage similar to the \fBrndc\-confgen\fP
command for setting up command channel security.)
.sp
Note that \fBnamed\fP itself can configure a local DDNS key for use with
\fBnsupdate \-l\fP: it does this when a zone is configured with
\fBupdate\-policy local;\fP\&. \fBddns\-confgen\fP is only needed when a more
elaborate configuration is required: for instance, if \fBnsupdate\fP is to
be used from a remote system.
.SH OPTIONS
.INDENT 0.0
.TP
\fB\-a\fP algorithm
Specifies the algorithm to use for the TSIG key. Available choices
are: hmac\-md5, hmac\-sha1, hmac\-sha224, hmac\-sha256, hmac\-sha384 and
hmac\-sha512. The default is hmac\-sha256. Options are
case\-insensitive, and the "hmac\-" prefix may be omitted.
.TP
\fB\-h\fP
Prints a short summary of options and arguments.
.TP
\fB\-k\fP keyname
Specifies the key name of the DDNS authentication key. The default is
\fBddns\-key\fP when neither the \fB\-s\fP nor \fB\-z\fP option is specified;
otherwise, the default is \fBddns\-key\fP as a separate label followed
by the argument of the option, e.g., \fBddns\-key.example.com.\fP The
key name must have the format of a valid domain name, consisting of
letters, digits, hyphens and periods.
.TP
\fB\-q\fP
(\fBddns\-confgen\fP only.) Quiet mode: Print only the key, with no
explanatory text or usage examples; This is essentially identical to
\fBtsig\-keygen\fP\&.
.TP
\fB\-s\fP name
(\fBddns\-confgen\fP only.) Generate configuration example to allow
dynamic updates of a single hostname. The example \fBnamed.conf\fP text
shows how to set an update policy for the specified name using the
"name" nametype. The default key name is ddns\-key.name. Note that the
"self" nametype cannot be used, since the name to be updated may
differ from the key name. This option cannot be used with the \fB\-z\fP
option.
.TP
\fB\-z\fP zone
(\fBddns\-confgen\fP only.) Generate configuration example to allow
dynamic updates of a zone: The example \fBnamed.conf\fP text shows how
to set an update policy for the specified zone using the "zonesub"
nametype, allowing updates to all subdomain names within that zone.
This option cannot be used with the \fB\-s\fP option.
.UNINDENT
.SH SEE ALSO
.sp
\fBnsupdate(1)\fP, \fBnamed.conf(5)\fP, \fBnamed(8)\fP, BIND 9 Administrator Reference Manual.
.SH AUTHOR
Internet Systems Consortium
.SH COPYRIGHT
2020, Internet Systems Consortium
.\" Generated by docutils manpage writer.
.