For some reason, dnssec-keygen hangs using the following line:

dnssec-keygen -a hmac-md5 -b 256 -n user rndc

I've let it run for as long as half an hour. This is a dual xeon DL360 server with 2.5GB of ram.

Also - I'm getting this from rndc, using an old set of keys:
[root@dhgsrv17 root]# service named restart
Stopping named: rndc: no key definition for name rndc-key
[ OK ]
Starting named: [ OK ]

Ok, the key name was misspelled in /etc/rndc.key (rndckey vs. rndc-key), so now I'm getting this in the syslog:

Sep 8 16:56:10 dhgsrv17 named[16453]: /etc/named.conf:19: couldn't install keys for command channel 127.0.0.1#953: not found
Sep 8 16:56:10 dhgsrv17 named[16453]: /etc/named.conf:19: couldn't add command channel 127.0.0.1#953: not found

And here's line 19 from /etc/named.conf:
include "/etc/rndc.key";

Also, on restarting the service:
Stopping named: rndc: connect failed: connection refused
[ OK ]
Starting named: [ OK ]

Also, there's no service answering on port 953 (according to nmap).

nevermind, it helps if you modify the rndc.conf in the chroot directory. thanks anyway.