From owner-freebsd-questions Mon Dec 2 1:19:36 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D93A537B401 for ; Mon, 2 Dec 2002 01:19:34 -0800 (PST) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9023D43EBE for ; Mon, 2 Dec 2002 01:19:33 -0800 (PST) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1]) by smtp.infracaninophile.co.uk (8.12.6/8.12.6) with ESMTP id gB29JQOR061135 for ; Mon, 2 Dec 2002 09:19:26 GMT (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost) by happy-idiot-talk.infracaninophile.co.uk (8.12.6/8.12.6/Submit) id gB29JLQB061134 for freebsd-questions@FreeBSD.ORG; Mon, 2 Dec 2002 09:19:21 GMT Date: Mon, 2 Dec 2002 09:19:21 +0000 From: Matthew Seaman To: freebsd-questions@FreeBSD.ORG Subject: Re: rndc-conf is freezing.. Message-ID: <20021202091920.GA60710@happy-idiot-talk.infracaninophi> Mail-Followup-To: Matthew Seaman , freebsd-questions@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.1i X-Spam-Status: No, hits=-3.0 required=5.0 tests=IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,SPAM_PHRASE_00_01, USER_AGENT,USER_AGENT_MUTT version=2.43 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Dec 01, 2002 at 06:08:44PM -0500, Jeff MacDonald wrote: > I've read a few threads that say rndc-confgen may freeze because > /dev/random isnt' random enough. > > I've set the rand_irqs in rc.conf, as well hammered on the keyboard > some while rndc-confgen is runnning and it still sits there. > > anyone know what can be done? I have bind9 running fine, but if > i update anything i have to do a kill/named to read config changes. > which is less than elegant ;) You can run: rndc-confgen -r keyboard which will use the keyboard interactively as a source of randomness. Or you can just run rndc-confgen on another host and copy the files it generates over to your DNS server. The 'secret' in the generated config files is just a base64 encoded short piece of text. You can generate a secret using 'mmencode' as described in the rndc.conf(5) man page. However, it's not necessary to install the metamail package, as openssl will do the job: % echo secret-password | openssl base64 c2VjcmV0LXBhc3N3b3JkCg== Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message