I have missed some step in Setting up rndc for Bind-9.1.0.
Martin McCormick
martin at dc.cis.okstate.edu
Thu Mar 1 15:25:31 UTC 2001
I have Bind-9.1.0 running on Solaris7 and it seems to be
happy except that I have the following problem with rndc and I am
not sure what I did to cause it: This is a test configuration,
but it demonstrates the problem.
Here is rndc.conf.
key testcontrol {
algorithm "hmac-md5";
secret "yA==";
};
options {
default-server 127.0.0.1;
default-key testcontrol;
};
I made that key with:
/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 8 -n HOST testcontrol.
This produced Ktestcontrol.+157+00000.key and
Ktestcontrol.+157+00000.private
Ktestcontrol.+157+00000.key looks like
testcontrol. IN KEY 512 3 157 yA==
Ktestcontrol.+157+00000.private contains
Private-key-format: v1.2
Algorithm: 157 (HMAC_MD5)
Key: yA==
I added the following controls statements to
/etc/named.conf:
controls {
inet 127.0.0.1 allow { 127.0.0.1; } keys { testcontrol; };
};
key testcontrol. {
algorithm hmac-md5;
secret "yA==";
};
server 127.0.0.1 {
keys { testcontrol. ;};
};
I then started named after running named-checkconf and
getting no complaints.
bind started right up with no errors so I tried a rndc
command.
% rndc reload
rndc: send remote authenticator: not found
Where did I goof up? I notice that the ASCII string of
"authenticator" does not appear in any form in the html
documentation. What is it that's not there?
By the way, I originally had a 512-bit key and got the
same results. The 8-bit key is simply shown here to generate
shorter lines.
Martin McCormick 405 744-7572 Stillwater, OK
OSU Center for Computing and Information services Data Communications Group
More information about the bind-users
mailing list