rndc-confgen(1)

HP-UX 11i Version 2: December 2007 Update

NAME

rndc-confgen — rndc key generation tool

SYNOPSIS

rndc-confgen [-a] [-b keysize] [-c keyfile] [-h] [-k keyname] [-p port] [-r randomfile] [-s address] [-t chrootdir] [-u user]

DESCRIPTION

rndc-confgen can be used to generate rndc.conf, the configuration file for rndc. Alternatively, it can be run with the -a option to set up a rndc.key file and avoid the need for a rndc.conf file and a controls statement altogether.

Options

-a

This option is used to configure rndc automatically. This creates a file rndc.key in /etc (or whatever sysconfdir was specified when BIND was built) that is read by both rndc and named on startup. The rndc.key file defines a default command channel and authentication key allowing rndc to communicate with named with no further configuration. Running rndc-confgen -a allows BIND 9 and rndc to be used as drop-in replacements for BIND 8 and ndc, with no changes to the existing BIND 8 named.conf file.

-b keysize

This option is used to specify the size of the authentication key in bits. The value must range between 1 and 512 bits. Default is 128 bits.

-c keyfile

This option is used with the -a option to specify an alternate location for rndc.key.

-h

This option is used to print a short summary of the options and arguments to rndc-confgen.

-k keyname

This option is used to specify the key name of the rndc authentication key. This must be a valid domain name. Default is rndc-key.

-p port

This option is used to specify the command channel port where named listens for connections from rndc. Default is 953.

-r randomfile

This option is used to specify a source file of random data for generating the authorization. If the operating system does not provide a /dev/random or equivalent device, the default source of randomness is keyboard input. randomfile specifies the name of a character device or a file containing random data to be used instead of the default. The special value keyboard indicates that keyboard input should be used.

-s address

This option is used to specify the IP address where named listens for command channel connections from rndc. Default is the loopback address 127.0.0.1.

-t chrootdir

This option is used with the -a option to specify a directory where named will run chrooted. An additional copy of the rndc.key will be written relative to this directory so that it will be found by the chrooted named.

-u user

This option is used with the -a option to set the owner of the rndc.key file generated. If -t is also specified, only the file in the chroot area has its owner changed.

EXAMPLES

To allow rndc to be used with no manual configuration, run:

rndc-confgen -a

To print a sample rndc.conf file and corresponding controls and key statements to be manually inserted into named.conf, run:

rndc-confgen
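Because -b accepts any size from 1 to 512 bits and -s can move the command channel off the loopback address, generated output is worth checking before it is deployed. The following is an added example, not part of the HP-UX manual page or of BIND: it audits rndc.conf text for a secret shorter than the 128-bit default and for a non-loopback default-server. The file layout, the function names and the sample values are assumptions constructed for illustration.

```python
import base64
import ipaddress
import re

# Layout assumed from typical rndc-confgen output; it is not shown on this page.
KEY_RE = re.compile(r'^\s*key\s+"?([^"\s{]+)"?\s*\{(.*?)\};', re.S | re.M)
SECRET_RE = re.compile(r'secret\s+"([^"]*)"\s*;')
SERVER_RE = re.compile(r'default-server\s+([^\s;]+)\s*;')

def audit_rndc_conf(text, min_bits=128):
    """Return findings for weak keys or a non-loopback command channel."""
    # The named.conf statements are printed as '#' comments; skip them.
    body = "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("#"))
    findings = []
    for name, block in KEY_RE.findall(body):
        m = SECRET_RE.search(block)
        try:
            bits = len(base64.b64decode(m.group(1), validate=True)) * 8
        except (AttributeError, ValueError):  # no secret, or not valid base64
            findings.append(f"key {name}: missing or malformed secret")
            continue
        if bits < min_bits:
            findings.append(f"key {name}: {bits}-bit secret is below {min_bits} bits")
    m = SERVER_RE.search(body)
    if m:
        try:
            loopback = ipaddress.ip_address(m.group(1)).is_loopback
        except ValueError:  # a hostname; cannot be judged offline
            loopback = False
        if not loopback:
            findings.append(f"default-server {m.group(1)} is not a loopback IP address")
    return findings

def constructed_sample(secret_bytes, server):
    """Build a constructed rndc.conf; the secret is a fixed test value, not a real key."""
    secret = base64.b64encode(secret_bytes).decode()
    return (
        f'key "rndc-key" {{\n\talgorithm hmac-md5;\n\tsecret "{secret}";\n}};\n\n'
        f'options {{\n\tdefault-key "rndc-key";\n\tdefault-server {server};\n'
        f'\tdefault-port 953;\n}};\n'
        f'# controls {{\n#\tinet {server} port 953 allow {{ 127.0.0.1; }} '
        f'keys {{ "rndc-key"; }};\n# }};\n'
    )

if __name__ == "__main__":
    print(audit_rndc_conf(constructed_sample(bytes(range(16)), "127.0.0.1")))
    print(audit_rndc_conf(constructed_sample(bytes(range(8)), "192.0.2.10")))
```
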

AUTHOR

rndc-confgen was developed by the Hewlett-Packard Company.

SEE ALSO

rndc(1), named(1M), rndc.conf(4), and BIND 9 Administrator Reference Manual.