BIND qustionS

Thu Apr 17 02:01:13 PDT 2003

On Wed, Apr 16, 2003 at 11:32:49PM -0700, Gary D Kline wrote:
> On Wed, Apr 16, 2003 at 09:15:41PM -0500, Kirk Strauser wrote:
> > At 2003-04-17T00:51:40Z, Gary D Kline <kline at thought.org> writes:
> > 
> > > After upgrading to BIND-9.2.2, I bumped into the following output message
> > > that I don't understand.
> > 
> > Run `rndc-confgen' to generate the key (and a reasonable rndc.conf to go
> > with it).
> 
> 
> 	As roor I'm exec'd rndc-confgen (with various switches).  It
> 	seems to hang, or be sleeping.  Do you know what may be happening
> 	here?

It's trying to read some random data out of /dev/random, but your
system doesn't have enough sufficiently good entropic sources configured
that it can provide as much as rndc-confgen wants.

Take a look at:

    i) The '-r' option to rndc-confgen.  If you say:

        rndc-confgen -a -r keyboard

    randomness will be derived by your typing at the keyboard.

    ii) The rc.conf 'rand_irqs' variable and the the rndcontrol(8) man
    page.  To select some good IRQs to use as sources of randomness
    look at the 'systat -vmstat' display, specifically the table of
    interrupts on the right hand side.  Hint: the clk interrupt is no
    good for generating randomness as it fires at regular intervals.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20030417/a1c713af/attachment.bin