4 Update DNS records by simply SSH'ing into a server.
6 The idea is to create a separate "dyndns" user on the DNS server.
7 It gets the ``ssh-dyndns`` script as login shell, so that no other programs
9 SSH provides secure, password-less key-based authentication.
11 Upon login, the remote IP is used to create/update a tinydns file with the
12 DNS record for a hostname given by the SSH client.
14 tinydns is part of the dbjdns/dbndns package.
21 1. Clone ssh-dyndns into a sensible location, e.g. ``/usr/local/src/ssh-dyndns``::
23 $ cd /usr/local/src/ && git clone git://git.cweiske.de/ssh-dyndns.git
25 2. Create a user with ``ssh-dyndns`` as login shell::
27 $ useradd -g nogroup -m -N -s /usr/local/src/ssh-dyndns/ssh-dyndns dyndns
29 3. Setup password-less ssh keys for the dyndns user::
31 $ su - dyndns -s /bin/bash
33 $ cat /path/to/key.pub >> ~/.ssh/authorized_keys
35 4. Prevent showing login messages::
37 $ su - dyndns -s /bin/bash
40 Alternatively, you may commend out the "motd" lines in ``/etc/pam.d/sshd``
41 5. Configure ssh-dyndns as root::
43 $ cp /usr/local/src/ssh-dyndns/ssh-dyndns.sh.config-dist /etc/ssh-dyndns.sh
44 $ nano /etc/ssh-dyndns.sh
46 6. Allow ssh-dyndns to run "sudo make" without password::
49 dyndns ALL= NOPASSWD: /usr/bin/make
54 The configuration file template ``ssh-dyndns.sh.config-dist`` may be copied
55 to either ``/etc/ssh-dyndns.sh`` or ``~/.config/ssh-dyndns.sh``.
57 The system-wide config file is loaded first, the user-specific one after that.
59 The configuration file may define the following variables:
62 Path to the tinydns zone files, e.g. ``/etc/tinydns/root/``
64 File name template. ``%DOMAIN%`` will be replaced with the actual
67 Default: ``data-dyndns-%DOMAIN%``
69 DNS entry TTL (time to live) in seconds
73 Defines patterns for domains that may be dynamically changed.
74 If the domain name does not match the pattern, the script aborts.
76 You may use several patterns by separating them with a space.
77 Shell wildcards are supported (``*`` and ``?``).
79 Default: ``home.example.org *.home.example.org``
85 Simply ssh into the server and pass the hostname as parameter::
87 $ ssh dyndns@example.org home.example.org
89 This will start the ``ssh-dyndns`` script on the remote server, generate
90 the tinydns zone file and run ``make`` in the ``data_dir`` directory to
91 compile the ``data.cdb`` file.
92 tinydns will automatically pick up the change.
98 - IPv6 is not supported yet
104 ssh-dyndns is licensed under the `AGPL v3`__ or later.
106 __ http://www.gnu.org/licenses/agpl.html
112 Written by Christian Weiske, cweiske@cweiske.de