> Operating System is "Debian GNU/Linux 5.0 Lenny" with bind9 in version > 1:9.7.0.dfsg.P1-1~bpo50+1
I get the same problem on Ubuntu, which is Debian-based. /dev/random runs out of entropy rapidly and takes a long time to recover. Using "dnssec-keygen -r /dev/urandom" will make it finish much faster, but that uses a pseudo-random number generator instead of true randomness, so it's not the best choice from the paranoid crypto viewpoint. I often use it for test zones and such. If I needed a proper bulletproof key on an Ubuntu box, and I didn't want to wait a long time for it, I'd probably generate the key on some other system and copy it over. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
