rndc problem...

Jim Reid jim at rfc1035.com
Mon May 28 10:24:04 UTC 2001


>>>>> "Sano" == Sano B Rutsen <heiko at edsamail.com.ph> writes:

    Sano> My problem is that when i tried to do an "rndc reload" i get
    Sano> an error message saying:

    -> rndc: decode base64 secret: bad base64 encoding

    Sano> Im not sure what this means. 

It seems clear enough: the secret is not a valid base-64 string.

    Sano> key "rndckey" { 
    Sano>	algorithm hmac-md5;
    Sano>	secret "Knskarakusnet15720893";
    Sano> };

Base-64 encoding means that the string has to contain a number of
characters that are a multiple of 4. Your base-64 string --
"Knskarakusnet15720893" -- is 22 characters long. Read the man page on
rndc.conf (in doc/man/bin) or the BIND9 Administrator's Reference
Manual (in doc/arm) for details on how to generate correct base-64
encoded strings.

BTW the named.conf file you posted is missing a key{} statement. This
is needed to identify the key the server should use to authenticate
whatever rndc client talks to it. The same key{} statement in your
rndc.conf file should also be in named.conf.


More information about the bind-users mailing list