rndc.key problems

Mark_Andrews at isc.org Mark_Andrews at isc.org
Tue Dec 9 01:21:01 UTC 2003


> Greetings,
> 
> I've built and installed BIND 9.2.3 replacing my old 9.1.3 installation, 
> and I'm having an issue with my rndc.key that I can't figure out.
> 
> When I run rndc status (or any other rndc command) I get:
> 
>  ./rndc status
> rndc: error: /usr/local/bind-9.2.3//etc/rndc.key:2: unknown option 
> 'options'
> rndc: could not load rndc configuration

	You are using a "rndc.conf" as a "rndc.key".  The "rndc.key"
	parser does NOT know about options.  The parser for "rndc.conf"
	does know about options.  They are not interchangable.

	Also below does *not* match will the rndc.conf below.
	options is on line 6 not line 2 as reported by the error
	message.

> My rndc.key is the 'stock' key generated by rndc-confgen.

	rndc.key is designed to be loaded by both named and rndc
	either directly due to lack of controls in named.conf or
	no rndc.conf or via 'include "rndc.key";' in named.conf
	and rndc.conf (9.2.x onwards).

	rndc.key is generated by "rndconfgen -a".

	rndc.conf is generated to stdout by "rndconfgen" (no -a)
	and includes a code segment (commented out) to be added to
	named.conf.
	
	I would be renaming /usr/local/bind-9.2.3/etc/rndc.key to
	/usr/local/bind-9.2.3/etc/rndc.conf.

	Mark
	
> I installed the commented out section from the bottom of my rndc-confgen 
> into my named.conf file and I get not errors at startup of named.
> 
> I'm not sure what I'm doing wrong. The contents of my rndc.key is as 
> follows (with my 'secret' key changed.)
> 
> # Start of rndc.conf
> key "rndc-key" {
>         algorithm hmac-md5;
>         secret "thisisnotmyrealkey";
> };
> options {
>         default-key "rndc-key";
>         default-server 127.0.0.1;
>         default-port 953;
> };
> # End of rndc.conf
> 
> Any hints or suggestions appreciated.
> 
> -- 
> Jeffrey J. Barteet 
> Materials Research Laboratory
> UC Santa Barbara, CA 93106 
> 805-893-8642 

> 
> 
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org


More information about the bind-users mailing list