Named rndc.key

[supersoft]

Hello (excuseme for my english) I post this message in Español but without answers
In last six days 1:30 hour Argentina(GMT -3)
I recibed messages

named failed @ Sun Feb 11 01:34:52 2007. A restart was attempted automagicly.

And after some minutes the named failes.

I restart named --> failed

The Adm say: failure de conf del rndc

Feb 8 16:50:59 server named[7505]: /etc/rndc.key:1: configuring key 'rndc-key': bad base64 encoding
Feb 8 16:50:59 server named[7505]: loading configuration: bad base64 encoding

I solution the problem with

cp /etc/rndc.key /etc/rndc.key.old
rndc-confgen -a -b 128 -c /etc/rndc.key -k rndc-key chown named:named
/etc/rndc.key service named restart

but in next day at same hour the problem repeat

Solution?

[dreamwiz]

Have you tried /scripts/fixrndc ?

[supersoft]

Yes.
Alfer run /scripts/fixrndc the named--> failed

Too when edit zone DNS or add new account

Error reconfiguring bind on server: rndc: connection to remote host closed
This may indicate that the remote server is using an older version of
the command protocol, this host is not authorized to connect,
or the key is invalid.

[Shinichi Kato]

/scripts/fixndc
/scripts/fixrndc
/scripts/fixnamed

[supersoft]

No run named--> Failed

root@server [~]# /scripts/fixndc
Creating /etc/rndc.key ...
Starting named: [FAILED]
root@server [~]# /scripts/fixrndc
Starting named: [FAILED]
root@server [~]# /scripts/fixnamed

[supersoft]

All days the same problema

Feb 14 01:34:30 server named[20655]: invalid command from 127.0.0.1#34501: bad auth
Feb 14 01:34:30 server named[20655]: invalid command from 127.0.0.1#34502: bad auth
Feb 14 01:34:30 server named[20655]: shutting down
Feb 14 01:34:30 server named[20655]: stopping command channel on 127.0.0.1#953
Feb 14 01:34:30 server named[20655]: no longer listening on 127.0.0.1#53
Feb 14 01:34:30 server named[20655]: no longer listening on XXXXXXXXX#53
Feb 14 01:34:30 server named[20655]: exiting
Feb 14 01:34:30 server named: named -TERM succeeded
Feb 14 01:34:30 server named: succeeded
Feb 14 01:34:31 server named[21728]: starting BIND 9.2.4 -u named
Feb 14 01:34:31 server named[21728]: using 1 CPU
Feb 14 01:34:31 server named[21728]: loading configuration from '/etc/named.conf'
Feb 14 01:34:31 server named[21728]: listening on IPv4 interface lo, 127.0.0.1#53
Feb 14 01:34:31 server named[21728]: listening on IPv4 interface eth0, XXXXXXXX#53
Feb 14 01:34:31 server named[21728]: /etc/rndc.key:1: configuring key 'rndc-key': bad base64 encoding
Feb 14 01:34:31 server named[21728]: loading configuration: bad base64 encoding
Feb 14 01:34:31 server named[21728]: exiting (due to fatal error)
Feb 14 01:34:31 server named[21728]: loading configuration: bad base64 encoding
Feb 14 01:34:31 server named[21728]: exiting (due to fatal error)
Feb 14 01:34:31 server named: named startup failed

[Rich43]

I got this problem too.. I had to write my own config file. Cpanel keeps inserting an invalid key.

[cpanelnick]

I got this problem too.. I had to write my own config file. Cpanel keeps inserting an invalid key.

You'll need to fix the key in /etc/rndc.key

[Rich43]

Yeah I do, but I wish cpanel wouldnt generate a dodgy key, its an annoyance!

Heres an example of a crap key cpanel makes on centos 5 64bit:
key "rndc-key" {
algorithm hmac-md5;
secret "Sk4oeqLWoeifi8A1e
";
};

yes it puts the speech marks on next line too.. whats up with that?

[tangelis]

I had the same problem.
To fix this do the following:
cd /etc
mv rndc.conf _rndc.conf
/scripts/fixrndc

It seems that the source of the problem is the /etc/rndc.conf

To test that the problem has been fixed, run /scripts/upcp(this is the script that runs every day and by calling the /scripts/fixrndc, creates a corrupt /etc/rndc.key) and then check if named is still running and /etc/rndc.key secret is valid.

[aontech]

Code:

/scripts/fixrndc
warn [fixrndc] /usr/sbin/rndc status failed: rndc: recv failed: connection reset
warn [fixrndc] rndc.conf not located on system
warn [fixrndc] rndc.conf not located on system
Creating rndc.conf
Creating /etc/rndc.key
Including rndc key file to named.conf
Adding controls clause
warn [fixrndc] /usr/sbin/rndc status failed: rndc: recv failed: connection reset
Restarting named
warn [fixrndc] /usr/sbin/rndc status failed: rndc: recv failed: connection reset
/scripts/fixrndc failed to fix the rndc key (or named is otherwise broken), please investigate manually

Time to call support, eh?

[cPanelJared]

If you have not already done so, please submit a support ticket so that we may investigate this problem directly on your server.