dnssec-keygen is waiting endless...

Jack Tavares j.tavares at F5.com
Fri May 28 17:36:51 UTC 2010

Or it is a chroot jail and it does not have a source of entropy

-----Original Message-----
From: bind-users-bounces+j.tavares=f5.com at lists.isc.org [mailto:bind-users-bounces+j.tavares=f5.com at lists.isc.org] On Behalf Of Paul Wouters
Sent: Friday, May 28, 2010 9:34 AM
To: Michelle Konzack
Cc: Bind Users
Subject: Re: dnssec-keygen is waiting endless...

On Fri, 28 May 2010, Michelle Konzack wrote:

> Hello *;
> I am retrying to setup DNSSEC but I have a problem with:
>    dnssec-keygen -a RSASHA1 b 1024 -n ZONE tamay-dogan.net
> because if I issue the command, it waits forever and nothing happen.
> What can this be?
> Operating System is "Debian GNU/Linux 5.0 Lenny" with bind9 in version
> 1:9.7.0.dfsg.P1-1~bpo50+1

My bet is that this is a VM and you have no entropy. Either generate some
entropy (eg run in paralel something like: find / -type f | xargs grep KSdgajkgdaksdga)
or create the keys on real iron instead of a VM.

bind-users mailing list
bind-users at lists.isc.org

More information about the bind-users mailing list