If you do not generate the RNDC key,
I get the following result in SSH:
Code:
[2.3.3-RELEASE][root@ns.vnet]/root: rndc status
rndc: neither /usr/local/etc/namedb/rndc.conf nor /usr/local/etc/namedb/rndc.key was found
[2.3.3-RELEASE][root@ns.vnet]/root:
I generated the key using the following command:
Code:
'rndc-confgen -a' to generate the proper conf file, with a new *
* random key, and appropriate file permissions.
As described here:
Code:
**********************************************************************
* _ _____ _____ _____ _ _ _____ ___ ___ _ _ *
* / \|_ _|_ _| ____| \ | |_ _|_ _/ _ \| \ | | *
* / _ \ | | | | | _| | \| | | | | | | | | \| | *
* / ___ \| | | | | |___| |\ | | | | | |_| | |\ | *
* /_/ \_\_| |_| |_____|_| \_| |_| |___\___/|_| \_| *
* *
* BIND requires configuration of rndc, including a "secret" key. *
* The easiest, and most secure way to configure rndc is to run *
* 'rndc-confgen -a' to generate the proper conf file, with a new *
* random key, and appropriate file permissions. *
* *
* The /usr/local/etc/rc.d/named script will do that for you. *
* *
*********************************************************************
The command output at the terminal follows:
Code:
[2.3.3-RELEASE][root@ns.vnet]/root: rndc-confgen -a
wrote key file "/usr/local/etc/namedb/rndc.key"
[2.3.3-RELEASE][root@ns.vnet]/root:
I tested the connection with the RNDC Status command:
Code:
[2.3.3-RELEASE][root@ns.vnet]/root: rndc status
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorized to connect,
* the clocks are not synchronized,
* the key signing algorithm is incorrect, or
* the key is invalid.
[2.3.3-RELEASE][root@ns.vnet]/root:
At this point I know I just need to put the key generated by rndc-confgen -a in the named.conf file.
And here is the big problem:
I have two named.conf files.
One is in the chroot and should not be edited, look
And another named.conf is in /usr/local/etc/namedb/named.conf; see the original file at http://txt.do/d138n
I do not know where to enter the rndc-key.
UPDATE
I was looking at the named file,
which is in
/usr/local/etc/rc.d/named
I saw that there is a line talking about rndc:
Code:
# Create an rndc.key file for the user if none exists
#
confgen_command="${_named_program_root}/sbin/rndc-confgen -a -b256 -u ${named_uid} \
    -c ${_named_confdir}/rndc.key"
if [ -s "${_named_confdir}/rndc.conf" ]; then
    unset confgen_command
fi
if [ -s "${_named_confdir}/rndc.key" ]; then
    case `stat -f%Su ${_named_confdir}/rndc.key` in
    root|${named_uid}) ;;
    *) ${confgen_command} ;;
    esac
else
    ${confgen_command}
fi

I also noticed that even after deleting the named.conf and rndc.conf files from the /cf/ directory, which is the bind chroot,
they are recreated again, but the rndc key is not the same as the one generated with rndc-confgen -a.
So rndc cannot connect, hence the above errors.
In this script http://pasted.co/3bc490e3 would it be possible for me to tell it where it should get the rndc.conf files and the key?
Sorry for my ignorance, but I really do not know enough to make this change.
And I appreciate all the help.
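
The mismatch described in the post (rndc reading one key while named loads a regenerated one) can be confirmed without printing either secret. The following is an added example, not part of the original post or of the rc.d script: the function names and sample files are constructed, and it assumes one clause per line, the layout rndc-confgen writes.

```shell
#!/bin/sh
# Compare the key rndc presents with the key named accepts, by hash only.

hash_stdin() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum | cut -d' ' -f1      # Linux
    else
        sha256 -q                      # FreeBSD
    fi
}

# Print "name algorithm sha256(secret)" for the key statement in file $1.
rndc_key_summary() {
    fields=$(awk '
        /^[[:space:]]*key[[:space:]]/       { n = $2; gsub(/[";{]/, "", n) }
        /^[[:space:]]*algorithm[[:space:]]/ { a = $2; gsub(/[";]/, "", a) }
        /^[[:space:]]*secret[[:space:]]/    { s = $2; gsub(/[";]/, "", s) }
        END { if (n == "" || a == "" || s == "") exit 1; print n, a, s }
    ' "$1") || return 1
    set -- $fields
    printf '%s %s %s\n' "$1" "$2" "$(printf '%s' "$3" | hash_stdin)"
}

# Exit 0 if both files carry the same key, 1 if they differ, 2 if unreadable.
rndc_keys_match() {
    client=$(rndc_key_summary "$1") || { echo "no key statement in $1" >&2; return 2; }
    server=$(rndc_key_summary "$2") || { echo "no key statement in $2" >&2; return 2; }
    [ "$client" = "$server" ]
}

# Constructed sample files (placeholder secrets, not real keys).
demo=$(mktemp -d)
write_key() { printf 'key "rndc-key" {\n\talgorithm hmac-sha256;\n\tsecret "%s";\n};\n' "$2" > "$1"; }
write_key "$demo/rndc.key"         "Q09OU1RSVUNURUQta2V5LUE="
write_key "$demo/named.same.conf"  "Q09OU1RSVUNURUQta2V5LUE="
write_key "$demo/named.regen.conf" "Q09OU1RSVUNURUQta2V5LUI="
printf 'controls {\n\tinet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };\n};\n' \
    >> "$demo/named.same.conf"

for conf in named.same.conf named.regen.conf; do
    if rndc_keys_match "$demo/rndc.key" "$demo/$conf"; then
        echo "$conf: key matches rndc.key"
    else
        echo "$conf: key differs from rndc.key"
    fi
done
```

On the real system the first argument would be /usr/local/etc/namedb/rndc.key and the second the configuration file named actually loads inside the chroot.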