The keyname and keyvalue in named.conf, rndc.key and rndc.conf have to be
the same. For me, I don't have the rndc.key file, but have the other two.
Surely the keyname/keyvalue in these files should be the same.
Regards.
donovan jeffrey j writes:
Greetings
It has been a while since I have worked with named, and I've seemed to wrap myself in a key confusion.
I had some issue with an invalid key so I ran rndc-confgen -a, which gave me a
new key in /etc/rndc.key.
So now rndc works fine.
But when I looked at /etc/rndc.conf the key was different than the /etc/rndc.key. I thought they had to be the same for this to work. I'm assuming that I should replace the key in the rndc.conf, or maybe it's not needed since I'm loading directly from named.conf?
any insight or flames welcome.
-j
config below;

named.conf

//
// Include keys file
//
include "/etc/rndc.key";

controls {
    inet 127.0.0.1 port 1234 allow { localhost; } keys { rndc-key; };
};

options {
    include "/usr/local/named/options";
};

logging {
    include "/usr/local/named/loggingOptions.conf";
};

include "/etc/dns/privateView.conf.basd";

rndc.conf

# Start of rndc.conf
key "rndc-key" {
    algorithm hmac-md5;
    secret "xxx...Bmw==";
};

options {
    default-key "rndc-key";
    default-server 127.0.0.1;
    default-port 1234;
};
# End of rndc.conf

rndc.key

key "rndc-key" {
    algorithm hmac-md5;
    secret "yyy,,,,,,3MA==";
};
## end
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
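
An added example, not part of either message above: a check that the key clause in rndc.conf matches the one named loads through its include, reporting only the kind of mismatch and never the secret. The function names, the sample file contents and the placeholder secrets are constructed for this example.

```python
import hmac
import re

# Strings match first, so "//" or "#" inside a base64 secret is not a comment.
TOKEN_RE = re.compile(r'("[^"]*")|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
KEY_RE = re.compile(r'(?<![\w-])key\s+"?([\w.-]+)"?\s*\{([^{}]*)\}\s*;')
ALGO_RE = re.compile(r'algorithm\s+"?([\w-]+)"?\s*;')
SECRET_RE = re.compile(r'secret\s+"([^"]*)"\s*;')

def parse_keys(text):
    """Return {key name: (algorithm, secret)} for each key clause in text."""
    stripped = TOKEN_RE.sub(lambda m: m.group(1) or "", text)
    keys = {}
    for name, body in KEY_RE.findall(stripped):
        algo, secret = ALGO_RE.search(body), SECRET_RE.search(body)
        if algo and secret:
            keys[name] = (algo.group(1).lower(), secret.group(1))
    return keys

def compare_key(name, client_text, server_text):
    """Compare one named key between the rndc side and the named side."""
    client = parse_keys(client_text).get(name)
    server = parse_keys(server_text).get(name)
    if client is None or server is None:
        return "missing"
    if client[0] != server[0]:
        return "algorithm-mismatch"
    # Constant-time comparison; the secrets themselves are never printed.
    if not hmac.compare_digest(client[1].encode(), server[1].encode()):
        return "secret-mismatch"
    return "match"

# Constructed sample files with placeholder secrets (not values from the thread).
NAMED_SIDE = '''
// key file pulled in by named.conf via include
key "rndc-key" {
    algorithm hmac-md5;
    secret "c2FtcGxl//8xMjM0NTY3OA==";  # the // inside the string is data
};
'''
RNDC_CONF = '''
key "rndc-key" {
    algorithm hmac-md5;
    secret "b2xkLWtleS1ub3QtaW4tdXNl";
};
options { default-key "rndc-key"; default-server 127.0.0.1; default-port 1234; };
'''

if __name__ == "__main__":
    print(compare_key("rndc-key", RNDC_CONF, NAMED_SIDE))
```
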