From owner-freebsd-questions@FreeBSD.ORG  Mon Nov 29 17:55:03 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9611D16A4CE
	for <freebsd-questions@freebsd.org>;
	Mon, 29 Nov 2004 17:55:03 +0000 (GMT)
Received: from jeremino.homeunix.net (jeremino.xs4all.nl [80.126.224.163])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4D12943D54
	for <freebsd-questions@freebsd.org>;
	Mon, 29 Nov 2004 17:55:03 +0000 (GMT)
	(envelope-from kees@jeremino.homeunix.net)
Received: from jeremina.homeunix.net ([10.0.0.5])
	by jeremino.homeunix.net with smtp (Exim 4.42)
	id 1CYpjm-000JZ7-JR; Mon, 29 Nov 2004 18:54:58 +0100
From: Kees Plonsz <kees@jeremino.homeunix.net>
To: dave <dmehler26@woh.rr.com>, freebsd-questions@freebsd.org
Date: Mon, 29 Nov 2004 18:54:50 +0100
References: <list.freebsd.questions#000501c4d634$d9720bf0$0400a8c0@satellite>
Lines: 19
Organization: Chaotic
User-Agent: KNode/0.8.0
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7Bit
Message-Id: <20041129175503.4D12943D54@mx1.FreeBSD.org>
Subject: Re: bind9 rndc chroot on 5.3
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Nov 2004 17:55:03 -0000

dave wrote:

> Hello,
>     I'm trying to set up an rndc key for bind9 on a 5.3 box. I have
> generated the key with dnssec-keygen but when i run rndc bind hangs. I've
> read the handbook, i want to make a 5.3 master dns server for two domains,
> i will not be doing any transfers, if anyone has a howto on this please
> let me know as googling only showed the handbook chapter.
> Thanks.
> Dave.

To generate a key for rndc, I used "rndc-confgen".
If you are running named with chroot, wich is the
default installation, be shure that
the keyfile is "/var/named/etc/namedb/rndc.key"

I think "dnssec-keygen" is for generating a key for
secure hostname lookups and not for rndc commands.