Annotation of src/external/mpl/bind/dist/bin/confgen/rndc-confgen.html, Revision 1.1.1.1
1.1 christos 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
2: <!--
3: - Copyright (C) 2001, 2003-2005, 2007, 2009, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
4: -
5: - This Source Code Form is subject to the terms of the Mozilla Public
6: - License, v. 2.0. If a copy of the MPL was not distributed with this
7: - file, You can obtain one at http://mozilla.org/MPL/2.0/.
8: -->
9: <html lang="en">
10: <head>
11: <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
12: <title>rndc-confgen</title>
13: <meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
14: </head>
15: <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry">
16: <a name="man.rndc-confgen"></a><div class="titlepage"></div>
17:
18:
19:
20:
21:
22: <div class="refnamediv">
23: <h2>Name</h2>
24: <p>
25: <span class="application">rndc-confgen</span>
26: — rndc key generation tool
27: </p>
28: </div>
29:
30:
31:
32: <div class="refsynopsisdiv">
33: <h2>Synopsis</h2>
34: <div class="cmdsynopsis"><p>
35: <code class="command">rndc-confgen</code>
36: [<code class="option">-a</code>]
37: [<code class="option">-A <em class="replaceable"><code>algorithm</code></em></code>]
38: [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>]
39: [<code class="option">-c <em class="replaceable"><code>keyfile</code></em></code>]
40: [<code class="option">-h</code>]
41: [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>]
42: [<code class="option">-p <em class="replaceable"><code>port</code></em></code>]
43: [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>]
44: [<code class="option">-s <em class="replaceable"><code>address</code></em></code>]
45: [<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>]
46: [<code class="option">-u <em class="replaceable"><code>user</code></em></code>]
47: </p></div>
48: </div>
49:
50: <div class="refsection">
51: <a name="id-1.7"></a><h2>DESCRIPTION</h2>
52:
53: <p><span class="command"><strong>rndc-confgen</strong></span>
54: generates configuration files
55: for <span class="command"><strong>rndc</strong></span>. It can be used as a
56: convenient alternative to writing the
57: <code class="filename">rndc.conf</code> file
58: and the corresponding <span class="command"><strong>controls</strong></span>
59: and <span class="command"><strong>key</strong></span>
60: statements in <code class="filename">named.conf</code> by hand.
61: Alternatively, it can be run with the <span class="command"><strong>-a</strong></span>
62: option to set up a <code class="filename">rndc.key</code> file and
63: avoid the need for a <code class="filename">rndc.conf</code> file
64: and a <span class="command"><strong>controls</strong></span> statement altogether.
65: </p>
66:
67: </div>
68:
69: <div class="refsection">
70: <a name="id-1.8"></a><h2>OPTIONS</h2>
71:
72:
73: <div class="variablelist"><dl class="variablelist">
74: <dt><span class="term">-a</span></dt>
75: <dd>
76: <p>
77: Do automatic <span class="command"><strong>rndc</strong></span> configuration.
78: This creates a file <code class="filename">rndc.key</code>
79: in <code class="filename">/etc</code> (or whatever
80: <code class="varname">sysconfdir</code>
81: was specified as when <acronym class="acronym">BIND</acronym> was
82: built)
83: that is read by both <span class="command"><strong>rndc</strong></span>
84: and <span class="command"><strong>named</strong></span> on startup. The
85: <code class="filename">rndc.key</code> file defines a default
86: command channel and authentication key allowing
87: <span class="command"><strong>rndc</strong></span> to communicate with
88: <span class="command"><strong>named</strong></span> on the local host
89: with no further configuration.
90: </p>
91: <p>
92: Running <span class="command"><strong>rndc-confgen -a</strong></span> allows
93: BIND 9 and <span class="command"><strong>rndc</strong></span> to be used as
94: drop-in
95: replacements for BIND 8 and <span class="command"><strong>ndc</strong></span>,
96: with no changes to the existing BIND 8
97: <code class="filename">named.conf</code> file.
98: </p>
99: <p>
100: If a more elaborate configuration than that
101: generated by <span class="command"><strong>rndc-confgen -a</strong></span>
102: is required, for example if rndc is to be used remotely,
103: you should run <span class="command"><strong>rndc-confgen</strong></span> without
104: the
105: <span class="command"><strong>-a</strong></span> option and set up a
106: <code class="filename">rndc.conf</code> and
107: <code class="filename">named.conf</code>
108: as directed.
109: </p>
110: </dd>
111: <dt><span class="term">-A <em class="replaceable"><code>algorithm</code></em></span></dt>
112: <dd>
113: <p>
114: Specifies the algorithm to use for the TSIG key. Available
115: choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
116: hmac-sha384 and hmac-sha512. The default is hmac-sha256.
117: </p>
118: </dd>
119: <dt><span class="term">-b <em class="replaceable"><code>keysize</code></em></span></dt>
120: <dd>
121: <p>
122: Specifies the size of the authentication key in bits.
123: Must be between 1 and 512 bits; the default is the
124: hash size.
125: </p>
126: </dd>
127: <dt><span class="term">-c <em class="replaceable"><code>keyfile</code></em></span></dt>
128: <dd>
129: <p>
130: Used with the <span class="command"><strong>-a</strong></span> option to specify
131: an alternate location for <code class="filename">rndc.key</code>.
132: </p>
133: </dd>
134: <dt><span class="term">-h</span></dt>
135: <dd>
136: <p>
137: Prints a short summary of the options and arguments to
138: <span class="command"><strong>rndc-confgen</strong></span>.
139: </p>
140: </dd>
141: <dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
142: <dd>
143: <p>
144: Specifies the key name of the rndc authentication key.
145: This must be a valid domain name.
146: The default is <code class="constant">rndc-key</code>.
147: </p>
148: </dd>
149: <dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
150: <dd>
151: <p>
152: Specifies the command channel port where <span class="command"><strong>named</strong></span>
153: listens for connections from <span class="command"><strong>rndc</strong></span>.
154: The default is 953.
155: </p>
156: </dd>
157: <dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
158: <dd>
159: <p>
160: Specifies a source of random data for generating the
161: authorization. If the operating
162: system does not provide a <code class="filename">/dev/random</code>
163: or equivalent device, the default source of randomness
164: is keyboard input. <code class="filename">randomdev</code>
165: specifies
166: the name of a character device or file containing random
167: data to be used instead of the default. The special value
168: <code class="filename">keyboard</code> indicates that keyboard
169: input should be used.
170: </p>
171: </dd>
172: <dt><span class="term">-s <em class="replaceable"><code>address</code></em></span></dt>
173: <dd>
174: <p>
175: Specifies the IP address where <span class="command"><strong>named</strong></span>
176: listens for command channel connections from
177: <span class="command"><strong>rndc</strong></span>. The default is the loopback
178: address 127.0.0.1.
179: </p>
180: </dd>
181: <dt><span class="term">-t <em class="replaceable"><code>chrootdir</code></em></span></dt>
182: <dd>
183: <p>
184: Used with the <span class="command"><strong>-a</strong></span> option to specify
185: a directory where <span class="command"><strong>named</strong></span> will run
186: chrooted. An additional copy of the <code class="filename">rndc.key</code>
187: will be written relative to this directory so that
188: it will be found by the chrooted <span class="command"><strong>named</strong></span>.
189: </p>
190: </dd>
191: <dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
192: <dd>
193: <p>
194: Used with the <span class="command"><strong>-a</strong></span> option to set the
195: owner
196: of the <code class="filename">rndc.key</code> file generated.
197: If
198: <span class="command"><strong>-t</strong></span> is also specified only the file
199: in
200: the chroot area has its owner changed.
201: </p>
202: </dd>
203: </dl></div>
204: </div>
205:
206: <div class="refsection">
207: <a name="id-1.9"></a><h2>EXAMPLES</h2>
208:
209: <p>
210: To allow <span class="command"><strong>rndc</strong></span> to be used with
211: no manual configuration, run
212: </p>
213: <p><strong class="userinput"><code>rndc-confgen -a</code></strong>
214: </p>
215: <p>
216: To print a sample <code class="filename">rndc.conf</code> file and
217: corresponding <span class="command"><strong>controls</strong></span> and <span class="command"><strong>key</strong></span>
218: statements to be manually inserted into <code class="filename">named.conf</code>,
219: run
220: </p>
221: <p><strong class="userinput"><code>rndc-confgen</code></strong>
222: </p>
223: </div>
224:
225: <div class="refsection">
226: <a name="id-1.10"></a><h2>SEE ALSO</h2>
227:
228: <p><span class="citerefentry">
229: <span class="refentrytitle">rndc</span>(8)
230: </span>,
231: <span class="citerefentry">
232: <span class="refentrytitle">rndc.conf</span>(5)
233: </span>,
234: <span class="citerefentry">
235: <span class="refentrytitle">named</span>(8)
236: </span>,
237: <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
238: </p>
239: </div>
240:
241: </div></body>
242: </html>
CVSweb <webmaster@jp.NetBSD.org>