rndc confusion
donovan jeffrey j
donovan at beth.k12.pa.us
Thu Jan 27 02:39:53 UTC 2011
Greetings,
It has been a while since I have worked with named, and I've seemed to wrap myself in a key confusion.
I had some issue with an invalid key, so I ran rndc-confgen -a, which gave me a new key in /etc/rndc.key.
So now rndc works fine.
But when I looked at /etc/rndc.conf, the key was different from the one in /etc/rndc.key. I thought they had to be the same for this to work. I'm assuming that I should replace the key in the rndc.conf, or maybe it's not needed since I'm loading directly from named.conf?
Any insight or flames welcome.
-j
config below;

named.conf

//
// Include keys file
//
include "/etc/rndc.key";

controls {
    inet 127.0.0.1 port 1234 allow { localhost; } keys { rndc-key; };
};

options {
    include "/usr/local/named/options";
};

logging {
    include "/usr/local/named/loggingOptions.conf";
};

include "/etc/dns/privateView.conf.basd";

rndc.conf

# Start of rndc.conf
key "rndc-key" {
    algorithm hmac-md5;
    secret "xxx...Bmw==";
};

options {
    default-key "rndc-key";
    default-server 127.0.0.1;
    default-port 1234;
};
# End of rndc.conf

rndc.key

key "rndc-key" {
    algorithm hmac-md5;
    secret "yyy,,,,,,3MA==";
};

## end