PRNG not seeded, service won't start

Howard, Christopher Christopher-Howard at
Fri Sep 21 02:33:35 UTC 2018

I’ve downgraded as well, but at some point the last working version will be end of life.  Hopefully you get somewhere with your bug report.


On Sep 20, 2018, at 3:02 PM, Reindl Harald <h.reindl at<mailto:h.reindl at>> wrote:

well, i just downgraded since it's a resolver without dnssec at all

Am 20.09.18 um 20:27 schrieb Howard, Christopher:
I'm not the only one! Whew, I thought I was losing my mind.

I have rngd and haveged running and there is large pool of entropy and I
still can't get newer versions of bind to start. Very frustrating.


On Thu, 2018-09-20 at 20:14 +0200, Reindl Harald wrote:
OK, this is *really* foolish

on a heavily used machine with 2 days uptime, rngd and haveged there is
*for sure* enough random

bind-9.11.4-8.P1.fc28.x86_64 just found on Fedora koji

Sep 20 20:08:17 srv-rhsoft named[988479]:
../../../lib/dns/openssl_link.c:294: fatal error:
Sep 20 20:08:17 srv-rhsoft named[988479]: OpenSSL pseudorandom number
generator cannot be initialized (see the `PRNG not seeded' message in
the OpenSSL FAQ)
Sep 20 20:08:17 srv-rhsoft named[988479]: exiting (due to fatal error in

who the hell does such invasive obviously not proper tested changes in
minor updates?

Am 18.09.18 um 15:44 schrieb Howard, Christopher:
I found that link previously and tried it. It didn't complain about that
not being a valid setting, but it didn't change the outcome. I'm
beginning to believe I may just have to upgrade to CentOS 7. It needs to
be done at some point anyway, I just didn't want to do it now.


On Tue, 2018-09-18 at 09:33 +0100, Tony Finch wrote:
Howard, Christopher <Christopher-Howard at <mailto:Christopher-Howard at> <mailto:Christopher-Howard at <mailto:Christopher-Howard at>>> wrote:

Does any one have any ideas of what I'm missing or what I can do to
resolve this (besides upgrading this box to CentOS 7)?

Try setting `random-device "/dev/urandom";` in `named.conf`.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the bind-users mailing list