SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 

MAN page from Trustix bind-utils-9.2.2-9tr.i586.rpm

RNDC-CONFGEN

Section: (8)
Updated: Aug 27, 2001
Index 

NAME

rndc-confgen - rndc key generation tool 

SYNOPSIS

rndc-confgen [ -a ] [ -b keysize ] [ -c keyfile ] [ -h ] [ -k keyname ] [ -p port ] [ -r randomfile ] [ -s address ] [ -t chrootdir ] [ -u user ]  

DESCRIPTION

rndc-confgen generates configuration filesfor rndc. It can be used as aconvenient alternative to writing therndc.conf fileand the corresponding controlsand keystatements in named.conf by hand.Alternatively, it can be run with the -aoption to set up a rndc.key file andavoid the need for a rndc.conf fileand a controls statement altogether. 

OPTIONS

-a
Do automatic rndc configuration.This creates a file rndc.keyin /etc (or whateversysconfdirwas specified as when BIND was built)that is read by both rndcand named on startup. Therndc.key file defines a defaultcommand channel and authentication key allowingrndc to communicate withnamed with no further configuration.

Running rndc-confgen -a allowsBIND 9 and rndc to be used as drop-inreplacements for BIND 8 and ndc,with no changes to the existing BIND 8named.conf file.

-b keysize
Specifies the size of the authentication key in bits.Must be between 1 and 512 bits; the default is 128.
-c keyfile
Used with the -a option to specifyan alternate location for rndc.key.
-h
Prints a short summary of the options and arguments torndc-confgen.
-k keyname
Specifies the key name of the rndc authentication key.This must be a valid domain name.The default is rndc-key.
-p port
Specifies the command channel port where namedlistens for connections from rndc.The default is 953.
-r randomfile
Specifies a source of random data for generating theauthorization. If the operatingsystem does not provide a /dev/randomor equivalent device, the default source of randomnessis keyboard input. randomdev specifiesthe name of a character device or file containing randomdata to be used instead of the default. The special valuekeyboard indicates that keyboardinput should be used.
-s address
Specifies the IP address where namedlistens for command channel connections fromrndc. The default is the loopbackaddress 127.0.0.1.
-t chrootdir
Used with the -a option to specifya directory where named will runchrooted. An additional copy of the rndc.keywill be written relative to this directory so thatit will be found by the chrooted named.
-u user
Used with the -a option to set the ownerof the rndc.key file generated. If-t is also specified only the file inthe chroot area has its owner changed.
 

EXAMPLES

To allow rndc to be used withno manual configuration, run

rndc-confgen -a

To print a sample rndc.conf file andcorresponding controls and keystatements to be manually inserted into named.conf,run

rndc-confgen 

SEE ALSO

rndc(8),rndc.conf(5),named(8),BIND 9 Administrator Reference Manual. 

AUTHOR

Internet Software Consortium


 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
EXAMPLES
SEE ALSO
AUTHOR

This document was created byman2html,using the manual pages.