Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 8 Apr 2001 17:33:43 +0900 (JST)
From:      eakasaka@rodfbs.org
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   ports/26424: dnssec-keygen command including ports/net/bind9 is not create hmac-md5 key on 4.3-RC
Message-ID:  <200104080833.f388Xhv69727@rodfbs.net>
next in thread | raw e-mail | index | archive | help 

>Number:         26424
>Category:       ports
>Synopsis:       dnssec-keygen command including ports/net/bind9 is not create hmac-md5 key on 4.3-RC
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Apr 08 01:40:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Eriya Akasaka
>Release:        FreeBSD 4.3-RC i386
>Organization:
Akasaka Research Of Development For Basic Software
>Environment:
System: FreeBSD v6gw0.rodfbs.net 4.3-RC FreeBSD 4.3-RC #0: Sat Apr  7 12:03:34 JST 2001 root@v6gw0.rodfbs.net:/usr/src/sys/compile/MOCO.SMP  i386
ports/net/bind9
bind-9.1.1
>Description:
/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 512 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 1 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 128 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

>How-To-Repeat:
/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 512 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 1 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

/usr/local/sbin/dnssec-keygen -a hmac-md5 -b 128 -n user rndc
dnssec-keygen: failed to generate key rndc/157: out of entropy

>Fix:
Maybe this problem  have relation to following known bugs in /usr/local/share/doc/bind9/README.

There are a few known bugs:

FreeBSD prior to 4.2 (and 4.2 if running as non-root)
and OpenBSD prior to 2.8 log messages like
"fcntl(8, F_SETFL, 4): Inappropriate ioctl for device".
This is due to a bug in "/dev/random" and impacts the
server's DNSSEC support.

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104080833.f388Xhv69727>