Unix‎ > ‎Solaris‎ > ‎Solaris man pages‎ > ‎1m‎ > ‎


     rndc-confgen - rndc key generation tool

     rndc-confgen [-ah] [-b keysize] [-c keyfile] [-k keyname]
         [-p port] [-r randomfile] [-s address] [-t chrootdir]
         [-u user]

     The rndc-confgen utility generates configuration  files  for
     rndc(1M).  This utility can be used as a convenient alterna-
     tive to writing  by  hand  the  rndc.conf(4)  file  and  the
     corresponding  controls and key statements in named.conf. It
     can also be run with the -a option to set up a rndc.key file
     and  avoid  altogether  the  need for a rndc.conf file and a
     controls statement.

     The following options are supported:

     -a               Perform automatic rndc configuration.  This
                      option  creates a file rndc.key in /etc (or
                      however sysconfdir was specified when  BIND
                      was  built)  that  is read by both rndc and
                      named(1M) on  startup.  The  rndc.key  file
                      defines   a  default  command  channel  and
                      authentication key allowing rndc to commun-
                      icate with named with no further configura-
                      tion. Running rndc-confgen with  -a  speci-
                      fied  allows  BIND 9 and rndc to be used as
                      drop-in replacements for BIND  8  and  ndc,
                      with  no  changes  to  the  existing BIND 8
                      named.conf file.

     -b keysize       Specify the size of the authentication  key
                      in  bits.  The  keysize  argument  must  be
                      between 1 and 512 bits; the default is 128.

     -c keyfile       Used with  the  -a  option  to  specify  an
                      alternate location for rndc.key.

     -h               Print a short summary of  the  options  and
                      arguments to rndc-confgen.

     -k keyname       Specify the key name of the rndc  authenti-
                      cation  key. The keyname argument must be a
                      valid domain name. The default is rndc-key.

     -p port          Specify  the  command  channel  port  where
                      named  listens  for  connections from rndc.
                      The default is 953.

     -r randomfile    Specify a source of random  data  for  gen-
                      erating the authorization. If the operating
                      system does not provide  a  /dev/random  or
                      equivalent  device,  the  default source of
                      randomness is keyboard input. The randomdev
                      argument  specifies the name of a character
                      device or file containing random data to be
                      used  instead  of  the default. The special
                      value  keyboard  indicates  that   keyboard
                      input should be used.

     -s address       Specify the IP address where named  listens
                      for  command channel connections from rndc.
                      The  default  is   the   loopback   address

     -t chrootdir     Used with the -a option to specify a direc-
                      tory  where  named  will run after the root
                      directory is changed with  chroot(1M).   An
                      additional  copy  of  the  rndc.key will be
                      written relative to this directory so  that
                      it  will  be  found by the named in the new

     -u user          Used with the -a option to set the owner of
                      the  rndc.key file generated. If -t is also
                      specified only the file in the chroot  area
                      has its owner changed.

     Example 1 Create Automatic rndc Configuration

     The following command creates an automatic  rndc  configura-
     tion, so that rndc can be used immediately.

       rndc-confgen -a

     Example 2 Print a Sample rndc.conf File

     The following command prints a sample  rndc.conf  file  with
     corresponding  controls and key statements. These statements
     can  subsequently  be  manually   inserted   in   the   file


     See attributes(5) for descriptions of the  following  attri-

    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    | Availability                | SUNWbind                    |
    | Interface Stability         | External                    |

     chroot(1M), named(1M), rndc(1M), rndc.conf(4), attributes(5)

     BIND 9 Administrator Reference Manual, available at the  ISC
     web site

     Source for BIND9 is available in the SUNWbind9S package.

Man pages from Solaris 10 Update 8. See docs.sun.com and www.oracle.com for further documentation and Solaris information.