rndc confusion

donovan jeffrey j donovan at beth.k12.pa.us
Thu Jan 27 02:39:53 UTC 2011


It has been a while since I have worked with named, and I've seemed to wrap myself in a key confusion.

I had some issue with an invalid key, so I ran rndc-confgen -a, which gave me a new key in /etc/rndc.key.
So now rndc works fine.

But when I looked at /etc/rndc.conf, the key was different than the /etc/rndc.key. I thought they had to be the same for this to work. I'm assuming that I should replace the key in the rndc.conf, or maybe it's not needed since I'm loading directly from named.conf?

Any insight or flames welcome.

Config below:


// Include keys file
include "/etc/rndc.key";

controls  {
	inet port 1234 allow { localhost; } keys { rndc-key; };
};

options  {
	include "/usr/local/named/options";
};

logging {
	include "/usr/local/named/loggingOptions.conf";
};

include "/etc/dns/privateView.conf.basd";


# Start of rndc.conf
key "rndc-key" {
	algorithm hmac-md5;
	secret "xxx...Bmw==";
};

options {
	default-key "rndc-key";
	default-port 1234;
};
# End of rndc.conf

key "rndc-key" {
	algorithm hmac-md5;
	secret "yyy,,,,,,3MA==";
};

## end
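
A consistency check for the situation described in the message above, as an added example that is not part of the original post or of BIND: it parses the key clauses from two config texts (for instance rndc.conf and the rndc.key that named.conf includes) and reports whether the name, algorithm and secret agree. The file contents and secrets are constructed, and the function names are hypothetical.

```python
import base64
import hmac
import re

# Quoted strings are matched first so a "//" inside a base64 secret is not taken for a comment.
TOKEN_RE = re.compile(r'("[^"]*")|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
# key "name" { algorithm X; secret "Y"; };
KEY_RE = re.compile(
    r'key\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+"?([\w-]+)"?\s*;'
    r'\s*secret\s+"([^"]*)"\s*;\s*\}\s*;', re.S)

def parse_keys(text):
    """Return {key_name: (algorithm, secret)} for every key clause in text."""
    text = TOKEN_RE.sub(lambda m: m.group(1) or " ", text)
    return {name: (alg.lower(), sec) for name, alg, sec in KEY_RE.findall(text)}

def compare_keys(client_text, server_text, key_name):
    """Compare one named key clause between two config texts."""
    client = parse_keys(client_text).get(key_name)
    server = parse_keys(server_text).get(key_name)
    if client is None or server is None:
        return "missing"
    if client[0] != server[0]:
        return "algorithm-mismatch"
    try:
        # Compare decoded bytes so the check is on the key material itself.
        c = base64.b64decode(client[1], validate=True)
        s = base64.b64decode(server[1], validate=True)
    except ValueError:
        return "bad-base64"
    return "match" if hmac.compare_digest(c, s) else "secret-mismatch"

# Constructed sample secrets and file contents (not the values from the post).
SECRET_A = base64.b64encode(b"\xff\xff\xffconstructed-A").decode()  # starts with "////"
SECRET_B = base64.b64encode(b"constructed-B").decode()
KEY_TMPL = 'key "rndc-key" {{\n\talgorithm hmac-md5;\n\tsecret "{}";\n}};\n'
RNDC_CONF = ("# Start of rndc.conf\n" + KEY_TMPL.format(SECRET_A)
             + 'options {\n\tdefault-key "rndc-key";\n\tdefault-port 1234;\n};\n')
RNDC_KEY = KEY_TMPL.format(SECRET_B)

if __name__ == "__main__":
    print(compare_keys(RNDC_CONF, RNDC_KEY, "rndc-key"))
```

The result string names the first disagreement found and never prints the secrets themselves, so the output is safe to paste into a ticket or list post.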
