RedHat 9 (Linux i386) - man page for rndc-confgen (redhat section 8)


       rndc-confgen - rndc key generation tool

       rndc-confgen  [ -a ]  [ -b keysize ]  [ -c keyfile ]  [ -h ]  [ -k keyname ]  [ -p port ]
       [ -r randomfile ]  [ -s address ]  [ -t chrootdir ]  [ -u user ]

       rndc-confgen generates configuration files for rndc. It can be used as a convenient
       alternative to writing the rndc.conf file and the corresponding controls and key
       statements in named.conf by hand. Alternatively, it can be run with the -a option to set
       up an rndc.key file and avoid the need for an rndc.conf file and a controls statement
       altogether.

       -a     Do automatic rndc configuration. This creates a file rndc.key in /etc (or whatever
	      sysconfdir was specified as when BIND was built) that is read by both rndc and
	      named on startup. The rndc.key file defines a default command channel and
	      authentication key allowing rndc to communicate with named with no further
	      configuration.

	      Running rndc-confgen -a allows BIND 9 and rndc to be used as  drop-in  replacements
	      for BIND 8 and ndc, with no changes to the existing BIND 8 named.conf file.

       -b keysize
	      Specifies the size of the authentication key in bits. Must be between 1 and 512
	      bits; the default is 128.

       -c keyfile
	      Used with the -a option to specify an alternate location for rndc.key.

       -h     Prints a short summary of the options and arguments to rndc-confgen.

       -k keyname
	      Specifies the key name of the rndc authentication key.  This must be a valid domain
	      name.  The default is rndc-key.

       -p port
	      Specifies  the  command channel port where named listens for connections from rndc.
	      The default is 953.

       -r randomfile
	      Specifies a source of random data for generating the authorization. If the
	      operating system does not provide a /dev/random or equivalent device, the default
	      source of randomness is keyboard input. randomfile specifies the name of a
	      character device or file containing random data to be used instead of the default.
	      The special value keyboard indicates that keyboard input should be used.

       -s address
	      Specifies the IP address where named listens for command channel connections from
	      rndc. The default is the loopback address.

       -t chrootdir
	      Used  with  the  -a option to specify a directory where named will run chrooted. An
	      additional copy of the rndc.key will be written relative to this directory so  that
	      it will be found by the chrooted named.

       -u user
	      Used with the -a option to set the owner of the rndc.key file generated. If -t is
	      also specified, only the file in the chroot area has its owner changed.
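
       An added example, not part of the man page or of BIND: a shell audit of a generated
       rndc.key file that checks the file mode (compare -u) and the decoded key length against
       the 128-bit default of -b. The key-statement layout, the placeholder secrets, the use of
       GNU stat and base64, and all function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit an rndc.key file written by rndc-confgen -a.
# Assumptions: BIND key-statement layout, GNU stat and base64, and a
# 128-bit minimum (example policy, taken from the documented -b default).

# Write a constructed sample key file (placeholder secret, not real key material).
write_sample_key() {   # usage: write_sample_key FILE SECRET MODE
    printf 'key "rndc-key" {\n\talgorithm hmac-md5;\n\tsecret "%s";\n};\n' "$2" > "$1"
    chmod "$3" "$1"
}

# Print the base64 secret from the first secret line of a key file.
rndc_secret() {
    sed -n 's/^[[:space:]]*secret[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Print the key length in bits (decoded secret bytes * 8).
rndc_key_bits() {
    bytes=$(rndc_secret "$1" | base64 -d 2>/dev/null | wc -c)
    echo $((bytes * 8))
}

# Return 0 if the file passes, 1 otherwise; findings go to stdout.
audit_rndc_key() {   # usage: audit_rndc_key FILE [MIN_BITS]
    file=$1; min_bits=${2:-128}; rc=0
    [ -r "$file" ] || { echo "FAIL: cannot read $file"; return 1; }
    mode=$(stat -c '%a' "$file")
    case $mode in
        0|*00) ;;   # owner-only: no group or other permission bits
        *) echo "FAIL: mode $mode exposes the secret to group/other"; rc=1 ;;
    esac
    bits=$(rndc_key_bits "$file")
    if [ "$bits" -lt "$min_bits" ]; then
        echo "FAIL: key is $bits bits, below $min_bits"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK: $file mode $mode, $bits-bit key"; fi
    return "$rc"
}

# Audit the file named on the command line, if any.
if [ "$#" -gt 0 ]; then audit_rndc_key "$@"; fi
```

       Run it against the key file path, for example the /etc/rndc.key written by -a; a second
       argument raises or lowers the minimum key size in bits.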

       To allow rndc to be used with no manual configuration, run

       rndc-confgen -a

       To print a sample rndc.conf file and corresponding controls and key statements to be
       manually inserted into named.conf, run


       rndc(8), rndc.conf(5), named(8), BIND 9 Administrator Reference Manual.

       Internet Software Consortium

BIND9					   Aug 27, 2001 			  RNDC-CONFGEN(8)
