diff options
Diffstat (limited to 'doc/man/ddns-confgen.8in')
-rw-r--r-- | doc/man/ddns-confgen.8in | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/doc/man/ddns-confgen.8in b/doc/man/ddns-confgen.8in new file mode 100644 index 0000000..e2a963d --- /dev/null +++ b/doc/man/ddns-confgen.8in @@ -0,0 +1,112 @@ +.\" Man page generated from reStructuredText. +. +. +.nr rst2man-indent-level 0 +. +.de1 rstReportMargin +\\$1 \\n[an-margin] +level \\n[rst2man-indent-level] +level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] +- +\\n[rst2man-indent0] +\\n[rst2man-indent1] +\\n[rst2man-indent2] +.. +.de1 INDENT +.\" .rstReportMargin pre: +. RS \\$1 +. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] +. nr rst2man-indent-level +1 +.\" .rstReportMargin post: +.. +.de UNINDENT +. RE +.\" indent \\n[an-margin] +.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] +.nr rst2man-indent-level -1 +.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] +.in \\n[rst2man-indent\\n[rst2man-indent-level]]u +.. +.TH "DDNS-CONFGEN" "8" "@RELEASE_DATE@" "@PACKAGE_VERSION@" "BIND 9" +.SH NAME +ddns-confgen \- ddns key generation tool +.SH SYNOPSIS +.sp +\fBddns\-confgen\fP [\fB\-a\fP algorithm] [\fB\-h\fP] [\fB\-k\fP keyname] [\fB\-q\fP] [\fB\-s\fP name] [\fB\-z\fP zone] +.SH DESCRIPTION +.sp +\fBddns\-confgen\fP is an utility that generates keys for use in TSIG signing. +The resulting keys can be used, for example, to secure dynamic DNS updates +to a zone, or for the \fI\%rndc\fP command channel. +.sp +The key name can specified using \fI\%\-k\fP parameter and defaults to \fBddns\-key\fP\&. +The generated key is accompanied by configuration text and instructions that +can be used with \fI\%nsupdate\fP and \fI\%named\fP when setting up dynamic DNS, +including an example \fBupdate\-policy\fP statement. +(This usage is similar to the \fI\%rndc\-confgen\fP command for setting up +command\-channel security.) +.sp +Note that \fI\%named\fP itself can configure a local DDNS key for use with +\fI\%nsupdate \-l\fP; it does this when a zone is configured with +\fBupdate\-policy local;\fP\&. \fBddns\-confgen\fP is only needed when a more +elaborate configuration is required: for instance, if \fI\%nsupdate\fP is to +be used from a remote system. +.SH OPTIONS +.INDENT 0.0 +.TP +.B \-a algorithm +This option specifies the algorithm to use for the TSIG key. Available +choices are: hmac\-md5, hmac\-sha1, hmac\-sha224, hmac\-sha256, hmac\-sha384, +and hmac\-sha512. The default is hmac\-sha256. Options are +case\-insensitive, and the \(dqhmac\-\(dq prefix may be omitted. +.UNINDENT +.INDENT 0.0 +.TP +.B \-h +This option prints a short summary of options and arguments. +.UNINDENT +.INDENT 0.0 +.TP +.B \-k keyname +This option specifies the key name of the DDNS authentication key. The +default is \fBddns\-key\fP when neither the \fI\%\-s\fP nor \fI\%\-z\fP option is +specified; otherwise, the default is \fBddns\-key\fP as a separate label +followed by the argument of the option, e.g., \fBddns\-key.example.com.\fP +The key name must have the format of a valid domain name, consisting of +letters, digits, hyphens, and periods. +.UNINDENT +.INDENT 0.0 +.TP +.B \-q +This option enables quiet mode, which prints only the key, with no +explanatory text or usage examples. This is essentially identical to +\fI\%tsig\-keygen\fP\&. +.UNINDENT +.INDENT 0.0 +.TP +.B \-s name +This option generates a configuration example to allow dynamic updates +of a single hostname. The example \fI\%named.conf\fP text shows how to set +an update policy for the specified name using the \(dqname\(dq nametype. The +default key name is \fBddns\-key.name\fP\&. Note that the \(dqself\(dq nametype +cannot be used, since the name to be updated may differ from the key +name. This option cannot be used with the \fI\%\-z\fP option. +.UNINDENT +.INDENT 0.0 +.TP +.B \-z zone +This option generates a configuration example to allow +dynamic updates of a zone. The example \fI\%named.conf\fP text shows how +to set an update policy for the specified zone using the \(dqzonesub\(dq +nametype, allowing updates to all subdomain names within that zone. +This option cannot be used with the \fI\%\-s\fP option. +.UNINDENT +.SH SEE ALSO +.sp +\fI\%nsupdate(1)\fP, \fI\%named.conf(5)\fP, \fI\%named(8)\fP, BIND 9 Administrator Reference Manual. +.SH AUTHOR +Internet Systems Consortium +.SH COPYRIGHT +2023, Internet Systems Consortium +.\" Generated by docutils manpage writer. +. |