On Sat August 6 2005 1:49 pm, Paul Howarth wrote:
> On Sat, 2005-08-06 at 08:53 -0400, Claude Jones wrote:
> > While looking at DNS matters this am, I checked to see if BIND was
> > running:
> >
> > cj]# service named status
> > rndc: decode base64 secret: bad base64 encoding
> >
> > Can anyone tell me what this means?
>
> Your /etc/rndc.key probably hasn't got a proper secret in it.
>
If Jeremy is correct, and I'm running bind-chroot (didn't I read along the
way, that this is the FC4 default install?), then, here's what I've got:
In /var/named/chroot/etc there are rdnc.key and named.conf -
rdnc.key looks like this:
key "rndckey" {
algorithm hmac-md5;
secret "cQQ08BlDIxazAR3ojoKFZWaH8f_long_string.....................";
};
named.conf - the relevant section - looks like this:
include "/etc/rndc.key";
key "rndckey" {
algorithm hmac-md5;
secret "sKXHs69HcF7C63BQLGNVQA==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndckey"; };
};
There appears to be a big discrepancy in the two key values...
The only rdnc.conf file I can find is in /etc
It looks like this:
options {
default-server localhost;
default-key "rndckey";
};
server localhost {
key "rndckey";
};
include "/etc/rndc.key";
This is pointing to the wrong file, no? Shouldn't it be pointing to the
rndc.key file in /var/named/chroot/etc ????
--
Claude Jones
Bluemont, VA, USA
