hookooekoo
30th June 2004, 03:26 PM
I generated an rndc key using the hmac-md5 method and it generated a file:
dnssec-keygen -a hmac-md5 -b 256 -n HOST britz
Kbritz.+157+23088.key
[root@ns2 etc]# cat Kbritz.+157+23088.key
britz. IN KEY 512 3 157 xARMxlgxfoXs06ply/zx8EMnj/Zy4zpic463SAWyZv0=
Here is my rndc.conf
key "Kbritz.key" {
algorithm hmac-md5;
secret "xARMxlgxfoXs06ply/zx8EMnj/Zy4zpic463SAWyZv0=";
};
options {
default-server localhost;
default-key "Kbritz.key";
};
my kbritz.key
key "Kbritz" {
algorithm hmac-md5;
secret "xARMxlgxfoXs06ply/zx8EMnj/Zy4zpic463SAWyZv0=";
};
my named.conf
controls {
inet 127.0.0.1 allow { localhost; } keys { Kbritz.key; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
include "/etc/Kbritz.key";
Everything seems to be working fine, but this error message bothers me. I did not get this message before I nuked the rndc.key generated when bind was installed.
[root@ns2 etc]# /etc/init.d/named restart
Stopping named: rndc: connection to remote host closed
This may indicate that the remote server is using an older version of
the command protocol, this host is not authorized to connect,
or the key is invalid.
[ OK ]
Starting named: [ OK ]
Any idea on what is causing this or how to fix it?
Here is an error message in the logs, but Kbritz.key exists.
Jun 30 02:00:36 ns2 named[4946]: /etc/named.conf:19: couldn't find key 'Kbritz.key' for use with command channel 127.0.0.1#953
Thanks
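
Added example (not part of the original post): a small consistency check over the three files quoted above. It reports key names that the controls statement or rndc.conf refers to but that no key statement defines, which is the condition the logged "couldn't find key" message describes. The function names are hypothetical, the included key file is passed in directly rather than resolved from the include line, names are compared as exact strings, and the secret is replaced by a placeholder.

```python
import re

# Constructed input: the three files from the post, secret replaced by a placeholder.
NAMED_CONF = '''controls {
inet 127.0.0.1 allow { localhost; } keys { Kbritz.key; };
};
include "/etc/Kbritz.key";
'''
KEY_FILE = '''key "Kbritz" {
algorithm hmac-md5;
secret "PLACEHOLDER";
};
'''
RNDC_CONF = '''key "Kbritz.key" {
algorithm hmac-md5;
secret "PLACEHOLDER";
};
options {
default-server localhost;
default-key "Kbritz.key";
};
'''

def defined_keys(text):
    """Names introduced by  key "name" { ... }  statements."""
    return set(re.findall(r'\bkey\s+"?([^\s"{;]+)"?\s*\{', text))

def referenced_keys(text):
    """Names listed inside  keys { ...; }  clauses (simplification: any such clause)."""
    names = set()
    for body in re.findall(r'\bkeys\s*\{([^}]*)\}', text):
        names.update(n.strip().strip('"') for n in body.split(';') if n.strip())
    return names

def check(named_conf, included, rndc_conf):
    """Return a list of key-name mismatches (exact string comparison)."""
    problems = []
    server_keys = defined_keys(named_conf) | defined_keys(included)
    accepted = referenced_keys(named_conf)
    for name in sorted(accepted - server_keys):
        problems.append(f"named.conf: controls lists key '{name}' but no key statement defines it")
    m = re.search(r'\bdefault-key\s+"?([^\s";]+)"?\s*;', rndc_conf)
    if m and m.group(1) not in defined_keys(rndc_conf):
        problems.append(f"rndc.conf: default-key '{m.group(1)}' is not defined")
    if m and m.group(1) not in accepted:
        problems.append(f"rndc.conf: default-key '{m.group(1)}' is not listed in controls")
    return problems

if __name__ == "__main__":
    for line in check(NAMED_CONF, KEY_FILE, RNDC_CONF):
        print(line)
```

Run against the files as posted, the check reports one mismatch: controls lists 'Kbritz.key' while the included file defines 'Kbritz'.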