I have missed some step in Setting up rndc for Bind-9.1.0.
James A Griffin
agriffin at cpcug.org
Thu Mar 1 15:45:07 UTC 2001
In rndc.conf the key is named 'testcontrol' and in named.conf the key is
named 'testcontorl.'. Note the '.' at the end of testcontrol. The
names must match.
Regards,
Jim
Martin McCormick wrote:
>
> I have Bind-9.1.0 running on Solaris7 and it seems to be
> happy except that I have the following problem with rndc and I am
> not sure what I did to cause it: This is a test configuration,
> but it demonstrates the problem.
>
> Here is rndc.conf.
>
> key testcontrol {
> algorithm "hmac-md5";
> secret "yA==";
> };
> options {
> default-server 127.0.0.1;
> default-key testcontrol;
> };
>
> I made that key with:
>
> /usr/local/sbin/dnssec-keygen -a hmac-md5 -b 8 -n HOST testcontrol.
>
> This produced Ktestcontrol.+157+00000.key and
> Ktestcontrol.+157+00000.private
>
> Ktestcontrol.+157+00000.key looks like
>
> testcontrol. IN KEY 512 3 157 yA==
>
> Ktestcontrol.+157+00000.private contains
>
> Private-key-format: v1.2
> Algorithm: 157 (HMAC_MD5)
> Key: yA==
>
> I added the following controls statements to
> /etc/named.conf:
>
> controls {
> inet 127.0.0.1 allow { 127.0.0.1; } keys { testcontrol; };
> };
>
> key testcontrol. {
> algorithm hmac-md5;
> secret "yA==";
> };
>
> server 127.0.0.1 {
> keys { testcontrol. ;};
> };
>
> I then started named after running named-checkconf and
> getting no complaints.
>
> bind started right up with no errors so I tried a rndc
> command.
>
> % rndc reload
>
> rndc: send remote authenticator: not found
>
> Where did I goof up? I notice that the ASCII string of
> "authenticator" does not appear in any form in the html
> documentation. What is it that's not there?
>
> By the way, I originally had a 512-bit key and got the
> same results. The 8-bit key is simply shown here to generate
> shorter lines.
>
> Martin McCormick 405 744-7572 Stillwater, OK
> OSU Center for Computing and Information services Data Communications Group
More information about the bind-users
mailing list