summaryrefslogtreecommitdiffstats
path: root/doc/man/rndc-confgen.8in
diff options
context:
space:
mode:
Diffstat (limited to 'doc/man/rndc-confgen.8in')
-rw-r--r--doc/man/rndc-confgen.8in141
1 files changed, 141 insertions, 0 deletions
diff --git a/doc/man/rndc-confgen.8in b/doc/man/rndc-confgen.8in
new file mode 100644
index 0000000..fa20381
--- /dev/null
+++ b/doc/man/rndc-confgen.8in
@@ -0,0 +1,141 @@
+.\" Man page generated from reStructuredText.
+.
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.TH "RNDC-CONFGEN" "8" "@RELEASE_DATE@" "@PACKAGE_VERSION@" "BIND 9"
+.SH NAME
+rndc-confgen \- rndc key generation tool
+.SH SYNOPSIS
+.sp
+\fBrndc\-confgen\fP [\fB\-a\fP] [\fB\-A\fP algorithm] [\fB\-b\fP keysize] [\fB\-c\fP keyfile] [\fB\-h\fP] [\fB\-k\fP keyname] [\fB\-p\fP port] [\fB\-s\fP address] [\fB\-t\fP chrootdir] [\fB\-u\fP user]
+.SH DESCRIPTION
+.sp
+\fBrndc\-confgen\fP generates configuration files for \fI\%rndc\fP\&. It can be
+used as a convenient alternative to writing the \fI\%rndc.conf\fP file and
+the corresponding \fBcontrols\fP and \fBkey\fP statements in \fI\%named.conf\fP
+by hand. Alternatively, it can be run with the \fI\%\-a\fP option to set up a
+\fBrndc.key\fP file and avoid the need for a \fI\%rndc.conf\fP file and a
+\fBcontrols\fP statement altogether.
+.SH OPTIONS
+.INDENT 0.0
+.TP
+.B \-a
+This option sets automatic \fI\%rndc\fP configuration, which creates a file
+\fB@sysconfdir@/rndc.key\fP that is read by both \fI\%rndc\fP and \fI\%named\fP on startup.
+The \fBrndc.key\fP file defines a default command channel and
+authentication key allowing \fI\%rndc\fP to communicate with \fI\%named\fP on
+the local host with no further configuration.
+.sp
+If a more elaborate configuration than that generated by
+\fI\%rndc\-confgen \-a\fP is required, for example if rndc is to be used
+remotely, run \fBrndc\-confgen\fP without the \fI\%\-a\fP option
+and set up \fI\%rndc.conf\fP and \fI\%named.conf\fP as directed.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-A algorithm
+This option specifies the algorithm to use for the TSIG key. Available choices
+are: hmac\-md5, hmac\-sha1, hmac\-sha224, hmac\-sha256, hmac\-sha384, and
+hmac\-sha512. The default is hmac\-sha256.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-b keysize
+This option specifies the size of the authentication key in bits. The size must be between
+1 and 512 bits; the default is the hash size.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-c keyfile
+This option is used with the \fI\%\-a\fP option to specify an alternate location for
+\fBrndc.key\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-h
+This option prints a short summary of the options and arguments to
+\fBrndc\-confgen\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-k keyname
+This option specifies the key name of the \fI\%rndc\fP authentication key. This must be a
+valid domain name. The default is \fBrndc\-key\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-p port
+This option specifies the command channel port where \fI\%named\fP listens for
+connections from \fI\%rndc\fP\&. The default is 953.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-q
+This option prevets printing the written path in automatic configuration mode.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-s address
+This option specifies the IP address where \fI\%named\fP listens for command\-channel
+connections from \fI\%rndc\fP\&. The default is the loopback address
+127.0.0.1.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-t chrootdir
+This option is used with the \fI\%\-a\fP option to specify a directory where \fI\%named\fP
+runs chrooted. An additional copy of the \fBrndc.key\fP is
+written relative to this directory, so that it is found by the
+chrooted \fI\%named\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-u user
+This option is used with the \fI\%\-a\fP option to set the owner of the generated \fBrndc.key\fP file.
+If \fI\%\-t\fP is also specified, only the file in the chroot
+area has its owner changed.
+.UNINDENT
+.SH EXAMPLES
+.sp
+To allow \fI\%rndc\fP to be used with no manual configuration, run:
+.sp
+\fBrndc\-confgen \-a\fP
+.sp
+To print a sample \fI\%rndc.conf\fP file and the corresponding \fBcontrols\fP and
+\fBkey\fP statements to be manually inserted into \fI\%named.conf\fP, run:
+.sp
+\fBrndc\-confgen\fP
+.SH SEE ALSO
+.sp
+\fI\%rndc(8)\fP, \fI\%rndc.conf(5)\fP, \fI\%named(8)\fP, BIND 9 Administrator Reference Manual.
+.SH AUTHOR
+Internet Systems Consortium
+.SH COPYRIGHT
+2023, Internet Systems Consortium
+.\" Generated by docutils manpage writer.
+.