[Arm-dev] Problems with dnssec-keygen

Thu Dec 24 21:42:09 UTC 2015
Robert Moskowitz <rgm at htt-consult.com>


On 12/24/2015 04:18 PM, Manuel Wolfshant wrote:
> On 12/24/2015 11:11 PM, Robert Moskowitz wrote:
>>
>>
>> On 12/24/2015 04:02 PM, Manuel Wolfshant wrote:
>>> On 12/24/2015 10:56 PM, Robert Moskowitz wrote:
>>>> I am reading:
>>>>
>>>> https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-bind-rndc.html 
>>>>
>>>>
>>>> I have bind installed and default config running.  I have not 
>>>> applied my customizations yet.  The first step I am taking is 
>>>> getting rndc.key created.  So reading the guide I am trying to run 
>>>> (while logged in as root, and in /etc):
>>>>
>>>> dnssec-keygen -a hmac-md5 -b 256 -n HOST rndc.key
>>>>
>>>> The system is just sitting there and doing nothing.  I have sshed 
>>>> as another session and do not see any processing being done by 
>>>> dnssec-keygen.
>>>>
>>>> This might be a problem with the current build.  Anyone else try this? 
>>> it's waiting for  "randomness" from /dev/random
>>> try creating some activity on the system. even a dd if=/dev/sda 
>>> of=/dev/null might do.
>>
>> Do I do this in another session?  Or run a detacted screen session?
> whatever fits your bill as long as it's in the same time with the 
> keygen process. it MIGHT also work if you do it earlier but I would 
> not hold my breath.
> you can use any process at all that generates activity, even typing 
> random letters on the keyboard should do. or download an iso. 
> basically almost anything that generates activity is used by the 
> kernel as a pool of entropy

It took until that dd finished in an ssh session for the keygen to complete.

thanks