BIND qustionS
Matthew Seaman
m.seaman at infracaninophile.co.uk
Thu Apr 17 02:01:13 PDT 2003
On Wed, Apr 16, 2003 at 11:32:49PM -0700, Gary D Kline wrote:
> On Wed, Apr 16, 2003 at 09:15:41PM -0500, Kirk Strauser wrote:
> > At 2003-04-17T00:51:40Z, Gary D Kline <kline at thought.org> writes:
> >
> > > After upgrading to BIND-9.2.2, I bumped into the following output message
> > > that I don't understand.
> >
> > Run `rndc-confgen' to generate the key (and a reasonable rndc.conf to go
> > with it).
>
>
> As roor I'm exec'd rndc-confgen (with various switches). It
> seems to hang, or be sleeping. Do you know what may be happening
> here?
It's trying to read some random data out of /dev/random, but your
system doesn't have enough sufficiently good entropic sources configured
that it can provide as much as rndc-confgen wants.
Take a look at:
i) The '-r' option to rndc-confgen. If you say:
rndc-confgen -a -r keyboard
randomness will be derived by your typing at the keyboard.
ii) The rc.conf 'rand_irqs' variable and the the rndcontrol(8) man
page. To select some good IRQs to use as sources of randomness
look at the 'systat -vmstat' display, specifically the table of
interrupts on the right hand side. Hint: the clk interrupt is no
good for generating randomness as it fires at regular intervals.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20030417/a1c713af/attachment.bin
More information about the freebsd-questions
mailing list