Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 30 Jan 2004 15:33:50 +0000
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        Free BSD Questions list <freebsd-questions@freebsd.org>
Subject:   Re: rndc-confgen -a goes off forever
Message-ID:  <20040130153350.GA78931@happy-idiot-talk.infracaninophile.co.uk>
In-Reply-To: <20040130152214.GA18353@teddy.fas.com>
References:  <20040130152214.GA18353@teddy.fas.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

--ZPt4rx8FFjLCG7dd
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jan 30, 2004 at 10:22:14AM -0500, stan wrote:
> I'm trying to set up bind 9 on a 4.9 STABLE machine.
>=20
> Looking in theprots message file, it says tehat I need to generate a sour=
ce
> of random numberes by using rndc-confgen -a. When I type this command, it
> never returns (It's been linke 10 minutes). and to shos that it's not usi=
ng
> any CPU cycles. I am running this as root.
>=20
> What am I doing wrong?

Actually it says you need to set up a source of randomness /so that/
rndc-confgen will work in a reasonable amount of time.

Take a look at rndcontrol(8) and then at the output of=20

    vmstat -i

so that you can choose two or three interrupts that occur relatively
frequently and enable those as feeds for the entropy source.  Nb.
don't try enabling the clk or rtc interrupts for this purpose: those
tick at regular intervals, and the whole point is to exploit the
random spacing between interrupts.  Use rndcontrol(8) to turn on the
entropy harvesting, and then leave the system to work for a while and
gather a bit of entropy.  After that rndc-confgen(8) should work fine.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

--ZPt4rx8FFjLCG7dd
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFAGnledtESqEQa7a0RAnMtAJ0e5UfpMYoRHgzpnGWHEcifkpccqQCdHexh
un6TCMS8vshwKGD0TyBSRcE=
=/Ygx
-----END PGP SIGNATURE-----

--ZPt4rx8FFjLCG7dd--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040130153350.GA78931>