rndc key for bind 9.3.0. catch-22?

Wesley Griffin wgriffin at sparta.com
Thu Feb 3 15:01:36 UTC 2005


On 2/3/2005 9:07 AM, "Jim Reid" <jim at rfc1035.com> wrote:

>>>>>> "Robert" == Robert Moskowitz <rgm at htt-consult.com> writes:
> 
>     Christopher> How do I generate a key for the /etc/rndc.conf file
>     Christopher> with bind version 9.3.0?
>>>  Well the man page for rndc.conf describes two ways of doing
>>> this:
>>> 
>>> [1] rndc-confgen [2] throw any old rubbish at mmencode or
>>> anything else that generates a valid base-64 encoded string
> 
>     Robert> where is mmencode?  Can't seem to find it....
> 
> search for base-64 in your computer's man pages should unearth details
> of whatever utilities are installed for generating base-64 strings.
> FWIW, a google search on "base-64 utilities" throws up 150,000+ links
> so it can't be that hard to find something that'll generate base-64
> strings. Not that you need them if you used rndc-confgen or
> dnssec-keygen to generate the base-64 keys for /etc/rndc.conf.

This is mostly for the archives, but if you have OpenSSL installed you have
everything you need:

$ openssl rand -base64 128

Replacing 128 with any number you want to specify the size of the key.

-- 
Wesley Griffin <wgriffin at sparta.com>




More information about the bind-users mailing list