# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-# $Id: Makefile.in,v 1.31 2001/08/03 22:03:10 gson Exp $
+# $Id: Makefile.in,v 1.32 2001/08/28 17:29:34 gson Exp $
srcdir = @srcdir@
VPATH = @srcdir@
TARGETS = rndc rndc-confgen
-MANPAGES = rndc.8 rndc.conf.5
+MANPAGES = rndc.8 rndc-confgen.8 rndc.conf.5
-HTMLPAGES = rndc.html rndc.conf.html
+HTMLPAGES = rndc.html rndc-confgen.html rndc.conf.html
MANOBJS = ${MANPAGES} ${HTMLPAGES}
--- /dev/null
+.\"
+.\" Copyright (C) 2000, 2001 Internet Software Consortium.
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.TH "RNDC-CONFGEN" "8" "Aug 27, 2001" "BIND9" ""
+.SH NAME
+rndc-confgen \- rndc key generation tool
+.SH SYNOPSIS
+.sp
+\fBrndc-confgen\fR [ \fB-a\fR ] [ \fB-b \fIkeysize\fB\fR ] [ \fB-c \fIkeyfile\fB\fR ] [ \fB-h\fR ] [ \fB-k \fIkeyname\fB\fR ] [ \fB-p \fIport\fB\fR ] [ \fB-r \fIrandomfile\fB\fR ] [ \fB-s \fIaddress\fB\fR ] [ \fB-t \fIchrootdir\fB\fR ] [ \fB-u \fIuser\fB\fR ]
+.SH "DESCRIPTION"
+.PP
+\fBrndc-confgen\fR generates configuration files
+for \fBrndc\fR. It can be used as a
+convenient alternative to writing the
+\fIrndc.conf\fR file
+and the corresponding \fBcontrols\fR
+and \fBkey\fR
+statements in \fInamed.conf\fR by hand.
+Alternatively, it can be run with the \fB-a\fR
+option to set up a \fIrndc.key\fR file and
+avoid the need for a \fIrndc.conf\fR file
+and a \fBcontrols\fR statement altogether.
+.SH "OPTIONS"
+.TP
+\fB-a\fR
+Do automatic \fBrndc\fR configuration.
+This creates a file \fIrndc.key\fR
+in \fI/etc\fR (or whatever
+sysconfdir
+was specified as when BIND was built)
+that is read by both \fBrndc\fR
+and \fBnamed\fR on startup. The
+\fIrndc.key\fR file defines a default
+command channel and authentication key allowing
+\fBrndc\fR to communicate with
+\fBnamed\fR with no further configuration.
+
+Running \fBrndc-confgen -a\fR allows
+BIND 9 and \fBrndc\fR to be used as drop-in
+replacements for BIND 8 and \fBndc\fR,
+with no changes to the existing BIND 8
+\fInamed.conf\fR file.
+.TP
+\fB-b \fIkeysize\fB\fR
+Specifies the size of the authentication key in bits.
+Must be between 1 and 512 bits; the default is 128.
+.TP
+\fB-c \fIkeyfile\fB\fR
+Used with the \fB-a\fR option to specify
+an alternate location for \fIrndc.key\fR.
+.TP
+\fB-h\fR
+Prints a short summary of the options and arguments to
+\fBrndc-confgen\fR.
+.TP
+\fB-k \fIkeyname\fB\fR
+Specifies the key name of the rndc authentication key.
+This must be a valid domain name.
+The default is rndc-key.
+.TP
+\fB-p \fIport\fB\fR
+Specifies the command channel port where \fBnamed\fR
+listens for connections from \fBrndc\fR.
+The default is 953.
+.TP
+\fB-r \fIrandomfile\fB\fR
+Specifies a source of random data for generating the
+authoriazation. If the operating
+system does not provide a \fI/dev/random\fR
+or equivalent device, the default source of randomness
+is keyboard input. \fIrandomdev\fR specifies
+the name of a character device or file containing random
+data to be used instead of the default. The special value
+\fIkeyboard\fR indicates that keyboard
+input should be used.
+.TP
+\fB-p \fIprotocol\fB\fR
+Sets the protocol value for the generated key. The protocol
+is a number between 0 and 255. The default is 2 (email) for
+keys of type USER and 3 (DNSSEC) for all other key types.
+Other possible values for this argument are listed in
+RFC 2535 and its successors.
+.TP
+\fB-s \fIaddress\fB\fR
+Specifies the IP address where \fBnamed\fR
+listens for command channel connections from
+\fBrndc\fR. The default is the loopback
+address 127.0.0.1.
+.TP
+\fB-t \fIchrootdir\fB\fR
+Used with the \fB-a\fR option to specify
+a directory where \fBnamed\fR will run
+chrooted. An additional copy of the \fIrndc.key\fR
+will be written relative to this directory so that
+it will be found by the chrooted \fBnamed\fR.
+.TP
+\fB-u \fIuser\fB\fR
+Used with the \fB-a\fR option to set the owner
+of the \fIrndc.key\fR file generated.
+.SH "EXAMPLES"
+.PP
+To allow \fBrndc\fR to be used with
+no manual configuration, run
+.PP
+\fBrndc-confgen -a\fR
+.PP
+To print a sample \fIrndc.conf\fR file and
+corresponding \fBcontrols\fR and \fBkey\fR
+statements to be manually inserted into \fInamed.conf\fR,
+run
+.PP
+\fBrndc-confgen\fR
+.SH "SEE ALSO"
+.PP
+\fBrndc\fR(8),
+\fBrndc.conf\fR(5),
+\fBnamed\fR(8),
+\fIBIND 9 Administrator Reference Manual\fR.
+.SH "AUTHOR"
+.PP
+Internet Software Consortium
--- /dev/null
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
+<!--
+ - Copyright (C) 2001 Internet Software Consortium.
+ -
+ - Permission to use, copy, modify, and distribute this software for any
+ - purpose with or without fee is hereby granted, provided that the above
+ - copyright notice and this permission notice appear in all copies.
+ -
+ - THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+ - DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+ - IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+ - INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+ - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+ - FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ - NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ - WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+-->
+
+<!-- $Id: rndc-confgen.docbook,v 1.1 2001/08/28 17:29:35 gson Exp $ -->
+
+<refentry>
+ <refentryinfo>
+ <date>Aug 27, 2001</date>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle><application>rndc-confgen</application></refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo>BIND9</refmiscinfo>
+ </refmeta>
+
+ <refnamediv>
+ <refname><application>rndc-confgen</application></refname>
+ <refpurpose>rndc key generation tool</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis>
+ <command>rndc-confgen</command>
+ <arg><option>-a</option></arg>
+ <arg><option>-b <replaceable class="parameter">keysize</replaceable></option></arg>
+ <arg><option>-c <replaceable class="parameter">keyfile</replaceable></option></arg>
+ <arg><option>-h</option></arg>
+ <arg><option>-k <replaceable class="parameter">keyname</replaceable></option></arg>
+ <arg><option>-p <replaceable class="parameter">port</replaceable></option></arg>
+ <arg><option>-r <replaceable class="parameter">randomfile</replaceable></option></arg>
+ <arg><option>-s <replaceable class="parameter">address</replaceable></option></arg>
+ <arg><option>-t <replaceable class="parameter">chrootdir</replaceable></option></arg>
+ <arg><option>-u <replaceable class="parameter">user</replaceable></option></arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>DESCRIPTION</title>
+ <para>
+ <command>rndc-confgen</command> generates configuration files
+ for <command>rndc</command>. It can be used as a
+ convenient alternative to writing the
+ <filename>rndc.conf</filename> file
+ and the corresponding <command>controls</command>
+ and <command>key</command>
+ statements in <filename>named.conf</filename> by hand.
+ Alternatively, it can be run with the <command>-a</command>
+ option to set up a <filename>rndc.key</filename> file and
+ avoid the need for a <filename>rndc.conf</filename> file
+ and a <command>controls</command> statement altogether.
+ </para>
+
+ </refsect1>
+
+ <refsect1>
+ <title>OPTIONS</title>
+
+ <variablelist>
+ <varlistentry>
+ <term>-a</term>
+ <listitem>
+ <para>
+ Do automatic <command>rndc</command> configuration.
+ This creates a file <filename>rndc.key</filename>
+ in <filename>/etc</filename> (or whatever
+ <varname>sysconfdir</varname>
+ was specified as when <acronym>BIND</acronym> was built)
+ that is read by both <command>rndc</command>
+ and <command>named</command> on startup. The
+ <filename>rndc.key</filename> file defines a default
+ command channel and authentication key allowing
+ <command>rndc</command> to communicate with
+ <command>named</command> with no further configuration.
+ </para>
+ <para>
+ Running <command>rndc-confgen -a</command> allows
+ BIND 9 and <command>rndc</command> to be used as drop-in
+ replacements for BIND 8 and <command>ndc</command>,
+ with no changes to the existing BIND 8
+ <filename>named.conf</filename> file.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-b <replaceable class="parameter">keysize</replaceable></term>
+ <listitem>
+ <para>
+ Specifies the size of the authentication key in bits.
+ Must be between 1 and 512 bits; the default is 128.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-c <replaceable class="parameter">keyfile</replaceable></term>
+ <listitem>
+ <para>
+ Used with the <command>-a</command> option to specify
+ an alternate location for <filename>rndc.key</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-h</term>
+ <listitem>
+ <para>
+ Prints a short summary of the options and arguments to
+ <command>rndc-confgen</command>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-k <replaceable class="parameter">keyname</replaceable></term>
+ <listitem>
+ <para>
+ Specifies the key name of the rndc authentication key.
+ This must be a valid domain name.
+ The default is <constant>rndc-key</constant>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-p <replaceable class="parameter">port</replaceable></term>
+ <listitem>
+ <para>
+ Specifies the command channel port where <command>named</command>
+ listens for connections from <command>rndc</command>.
+ The default is 953.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-r <replaceable class="parameter">randomfile</replaceable></term>
+ <listitem>
+ <para>
+ Specifies a source of random data for generating the
+ authoriazation. If the operating
+ system does not provide a <filename>/dev/random</filename>
+ or equivalent device, the default source of randomness
+ is keyboard input. <filename>randomdev</filename> specifies
+ the name of a character device or file containing random
+ data to be used instead of the default. The special value
+ <filename>keyboard</filename> indicates that keyboard
+ input should be used.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-p <replaceable class="parameter">protocol</replaceable></term>
+ <listitem>
+ <para>
+ Sets the protocol value for the generated key. The protocol
+ is a number between 0 and 255. The default is 2 (email) for
+ keys of type USER and 3 (DNSSEC) for all other key types.
+ Other possible values for this argument are listed in
+ RFC 2535 and its successors.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-s <replaceable class="parameter">address</replaceable></term>
+ <listitem>
+ <para>
+ Specifies the IP address where <command>named</command>
+ listens for command channel connections from
+ <command>rndc</command>. The default is the loopback
+ address 127.0.0.1.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-t <replaceable class="parameter">chrootdir</replaceable></term>
+ <listitem>
+ <para>
+ Used with the <command>-a</command> option to specify
+ a directory where <command>named</command> will run
+ chrooted. An additional copy of the <filename>rndc.key</filename>
+ will be written relative to this directory so that
+ it will be found by the chrooted <command>named</command>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-u <replaceable class="parameter">user</replaceable></term>
+ <listitem>
+ <para>
+ Used with the <command>-a</command> option to set the owner
+ of the <filename>rndc.key</filename> file generated.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>EXAMPLES</title>
+ <para>
+ To allow <command>rndc</command> to be used with
+ no manual configuration, run
+ </para>
+ <para>
+ <userinput>rndc-confgen -a</userinput>
+ </para>
+ <para>
+ To print a sample <filename>rndc.conf</filename> file and
+ corresponding <command>controls</command> and <command>key</command>
+ statements to be manually inserted into <filename>named.conf</filename>,
+ run
+ </para>
+ <para>
+ <userinput>rndc-confgen</userinput>
+ </para>
+ </refsect1>
+
+ <refsect1>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>rndc</refentrytitle>
+ <manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>rndc.conf</refentrytitle>
+ <manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>named</refentrytitle>
+ <manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citetitle>BIND 9 Administrator Reference Manual</citetitle>.
+ </para>
+ </refsect1>
+
+ <refsect1>
+ <title>AUTHOR</title>
+ <para>
+ <corpauthor>Internet Software Consortium</corpauthor>
+ </para>
+ </refsect1>
+
+</refentry>
+
+<!--
+ - Local variables:
+ - mode: sgml
+ - End:
+-->
--- /dev/null
+<!--
+ - Copyright (C) 2000, 2001 Internet Software Consortium.
+ -
+ - Permission to use, copy, modify, and distribute this software for any
+ - purpose with or without fee is hereby granted, provided that the above
+ - copyright notice and this permission notice appear in all copies.
+ -
+ - THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+ - DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+ - IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+ - INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+ - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+ - FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ - NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ - WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+-->
+<HTML
+><HEAD
+><TITLE
+>rndc-confgen</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.61
+"></HEAD
+><BODY
+CLASS="REFENTRY"
+BGCOLOR="#FFFFFF"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><H1
+><A
+NAME="AEN1"
+><SPAN
+CLASS="APPLICATION"
+>rndc-confgen</SPAN
+></A
+></H1
+><DIV
+CLASS="REFNAMEDIV"
+><A
+NAME="AEN9"
+></A
+><H2
+>Name</H2
+><SPAN
+CLASS="APPLICATION"
+>rndc-confgen</SPAN
+> -- rndc key generation tool</DIV
+><DIV
+CLASS="REFSYNOPSISDIV"
+><A
+NAME="AEN13"
+></A
+><H2
+>Synopsis</H2
+><P
+><B
+CLASS="COMMAND"
+>rndc-confgen</B
+> [<TT
+CLASS="OPTION"
+>-a</TT
+>] [<TT
+CLASS="OPTION"
+>-b <TT
+CLASS="REPLACEABLE"
+><I
+>keysize</I
+></TT
+></TT
+>] [<TT
+CLASS="OPTION"
+>-c <TT
+CLASS="REPLACEABLE"
+><I
+>keyfile</I
+></TT
+></TT
+>] [<TT
+CLASS="OPTION"
+>-h</TT
+>] [<TT
+CLASS="OPTION"
+>-k <TT
+CLASS="REPLACEABLE"
+><I
+>keyname</I
+></TT
+></TT
+>] [<TT
+CLASS="OPTION"
+>-p <TT
+CLASS="REPLACEABLE"
+><I
+>port</I
+></TT
+></TT
+>] [<TT
+CLASS="OPTION"
+>-r <TT
+CLASS="REPLACEABLE"
+><I
+>randomfile</I
+></TT
+></TT
+>] [<TT
+CLASS="OPTION"
+>-s <TT
+CLASS="REPLACEABLE"
+><I
+>address</I
+></TT
+></TT
+>] [<TT
+CLASS="OPTION"
+>-t <TT
+CLASS="REPLACEABLE"
+><I
+>chrootdir</I
+></TT
+></TT
+>] [<TT
+CLASS="OPTION"
+>-u <TT
+CLASS="REPLACEABLE"
+><I
+>user</I
+></TT
+></TT
+>]</P
+></DIV
+><DIV
+CLASS="REFSECT1"
+><A
+NAME="AEN44"
+></A
+><H2
+>DESCRIPTION</H2
+><P
+> <B
+CLASS="COMMAND"
+>rndc-confgen</B
+> generates configuration files
+ for <B
+CLASS="COMMAND"
+>rndc</B
+>. It can be used as a
+ convenient alternative to writing the
+ <TT
+CLASS="FILENAME"
+>rndc.conf</TT
+> file
+ and the corresponding <B
+CLASS="COMMAND"
+>controls</B
+>
+ and <B
+CLASS="COMMAND"
+>key</B
+>
+ statements in <TT
+CLASS="FILENAME"
+>named.conf</TT
+> by hand.
+ Alternatively, it can be run with the <B
+CLASS="COMMAND"
+>-a</B
+>
+ option to set up a <TT
+CLASS="FILENAME"
+>rndc.key</TT
+> file and
+ avoid the need for a <TT
+CLASS="FILENAME"
+>rndc.conf</TT
+> file
+ and a <B
+CLASS="COMMAND"
+>controls</B
+> statement altogether.
+ </P
+></DIV
+><DIV
+CLASS="REFSECT1"
+><A
+NAME="AEN57"
+></A
+><H2
+>OPTIONS</H2
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>-a</DT
+><DD
+><P
+> Do automatic <B
+CLASS="COMMAND"
+>rndc</B
+> configuration.
+ This creates a file <TT
+CLASS="FILENAME"
+>rndc.key</TT
+>
+ in <TT
+CLASS="FILENAME"
+>/etc</TT
+> (or whatever
+ <TT
+CLASS="VARNAME"
+>sysconfdir</TT
+>
+ was specified as when <SPAN
+CLASS="ACRONYM"
+>BIND</SPAN
+> was built)
+ that is read by both <B
+CLASS="COMMAND"
+>rndc</B
+>
+ and <B
+CLASS="COMMAND"
+>named</B
+> on startup. The
+ <TT
+CLASS="FILENAME"
+>rndc.key</TT
+> file defines a default
+ command channel and authentication key allowing
+ <B
+CLASS="COMMAND"
+>rndc</B
+> to communicate with
+ <B
+CLASS="COMMAND"
+>named</B
+> with no further configuration.
+ </P
+><P
+> Running <B
+CLASS="COMMAND"
+>rndc-confgen -a</B
+> allows
+ BIND 9 and <B
+CLASS="COMMAND"
+>rndc</B
+> to be used as drop-in
+ replacements for BIND 8 and <B
+CLASS="COMMAND"
+>ndc</B
+>,
+ with no changes to the existing BIND 8
+ <TT
+CLASS="FILENAME"
+>named.conf</TT
+> file.
+ </P
+></DD
+><DT
+>-b <TT
+CLASS="REPLACEABLE"
+><I
+>keysize</I
+></TT
+></DT
+><DD
+><P
+> Specifies the size of the authentication key in bits.
+ Must be between 1 and 512 bits; the default is 128.
+ </P
+></DD
+><DT
+>-c <TT
+CLASS="REPLACEABLE"
+><I
+>keyfile</I
+></TT
+></DT
+><DD
+><P
+> Used with the <B
+CLASS="COMMAND"
+>-a</B
+> option to specify
+ an alternate location for <TT
+CLASS="FILENAME"
+>rndc.key</TT
+>.
+ </P
+></DD
+><DT
+>-h</DT
+><DD
+><P
+> Prints a short summary of the options and arguments to
+ <B
+CLASS="COMMAND"
+>rndc-confgen</B
+>.
+ </P
+></DD
+><DT
+>-k <TT
+CLASS="REPLACEABLE"
+><I
+>keyname</I
+></TT
+></DT
+><DD
+><P
+> Specifies the key name of the rndc authentication key.
+ This must be a valid domain name.
+ The default is <TT
+CLASS="CONSTANT"
+>rndc-key</TT
+>.
+ </P
+></DD
+><DT
+>-p <TT
+CLASS="REPLACEABLE"
+><I
+>port</I
+></TT
+></DT
+><DD
+><P
+> Specifies the command channel port where <B
+CLASS="COMMAND"
+>named</B
+>
+ listens for connections from <B
+CLASS="COMMAND"
+>rndc</B
+>.
+ The default is 953.
+ </P
+></DD
+><DT
+>-r <TT
+CLASS="REPLACEABLE"
+><I
+>randomfile</I
+></TT
+></DT
+><DD
+><P
+> Specifies a source of random data for generating the
+ authoriazation. If the operating
+ system does not provide a <TT
+CLASS="FILENAME"
+>/dev/random</TT
+>
+ or equivalent device, the default source of randomness
+ is keyboard input. <TT
+CLASS="FILENAME"
+>randomdev</TT
+> specifies
+ the name of a character device or file containing random
+ data to be used instead of the default. The special value
+ <TT
+CLASS="FILENAME"
+>keyboard</TT
+> indicates that keyboard
+ input should be used.
+ </P
+></DD
+><DT
+>-p <TT
+CLASS="REPLACEABLE"
+><I
+>protocol</I
+></TT
+></DT
+><DD
+><P
+> Sets the protocol value for the generated key. The protocol
+ is a number between 0 and 255. The default is 2 (email) for
+ keys of type USER and 3 (DNSSEC) for all other key types.
+ Other possible values for this argument are listed in
+ RFC 2535 and its successors.
+ </P
+></DD
+><DT
+>-s <TT
+CLASS="REPLACEABLE"
+><I
+>address</I
+></TT
+></DT
+><DD
+><P
+> Specifies the IP address where <B
+CLASS="COMMAND"
+>named</B
+>
+ listens for command channel connections from
+ <B
+CLASS="COMMAND"
+>rndc</B
+>. The default is the loopback
+ address 127.0.0.1.
+ </P
+></DD
+><DT
+>-t <TT
+CLASS="REPLACEABLE"
+><I
+>chrootdir</I
+></TT
+></DT
+><DD
+><P
+> Used with the <B
+CLASS="COMMAND"
+>-a</B
+> option to specify
+ a directory where <B
+CLASS="COMMAND"
+>named</B
+> will run
+ chrooted. An additional copy of the <TT
+CLASS="FILENAME"
+>rndc.key</TT
+>
+ will be written relative to this directory so that
+ it will be found by the chrooted <B
+CLASS="COMMAND"
+>named</B
+>.
+ </P
+></DD
+><DT
+>-u <TT
+CLASS="REPLACEABLE"
+><I
+>user</I
+></TT
+></DT
+><DD
+><P
+> Used with the <B
+CLASS="COMMAND"
+>-a</B
+> option to set the owner
+ of the <TT
+CLASS="FILENAME"
+>rndc.key</TT
+> file generated.
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="REFSECT1"
+><A
+NAME="AEN145"
+></A
+><H2
+>EXAMPLES</H2
+><P
+> To allow <B
+CLASS="COMMAND"
+>rndc</B
+> to be used with
+ no manual configuration, run
+ </P
+><P
+> <TT
+CLASS="USERINPUT"
+><B
+>rndc-confgen -a</B
+></TT
+>
+ </P
+><P
+> To print a sample <TT
+CLASS="FILENAME"
+>rndc.conf</TT
+> file and
+ corresponding <B
+CLASS="COMMAND"
+>controls</B
+> and <B
+CLASS="COMMAND"
+>key</B
+>
+ statements to be manually inserted into <TT
+CLASS="FILENAME"
+>named.conf</TT
+>,
+ run
+ </P
+><P
+> <TT
+CLASS="USERINPUT"
+><B
+>rndc-confgen</B
+></TT
+>
+ </P
+></DIV
+><DIV
+CLASS="REFSECT1"
+><A
+NAME="AEN158"
+></A
+><H2
+>SEE ALSO</H2
+><P
+> <SPAN
+CLASS="CITEREFENTRY"
+><SPAN
+CLASS="REFENTRYTITLE"
+>rndc</SPAN
+>(8)</SPAN
+>,
+ <SPAN
+CLASS="CITEREFENTRY"
+><SPAN
+CLASS="REFENTRYTITLE"
+>rndc.conf</SPAN
+>(5)</SPAN
+>,
+ <SPAN
+CLASS="CITEREFENTRY"
+><SPAN
+CLASS="REFENTRYTITLE"
+>named</SPAN
+>(8)</SPAN
+>,
+ <I
+CLASS="CITETITLE"
+>BIND 9 Administrator Reference Manual</I
+>.
+ </P
+></DIV
+><DIV
+CLASS="REFSECT1"
+><A
+NAME="AEN171"
+></A
+><H2
+>AUTHOR</H2
+><P
+> Internet Software Consortium
+ </P
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
projects / thirdparty / bind9.git / commitdiff
