Description of problem:
When I run 'rndc-confgen -a' to generate a key for rndc, restart named, and run 'rndc status' I get:

    # rndc status
    rndc: connection to remote host closed
    This may indicate that
    * the remote server is using an older version of the command protocol,
    * this host is not authorized to connect,
    * the clocks are not synchronized, or
    * the key is invalid.

If I copy the rndc file from another system, and restart named, rndc works.

Version-Release number of selected component (if applicable):
bind-9.6.1-0.1.b1.fc11.x86_64

How reproducible:
Always

Steps to Reproduce:
1. /usr/sbin/rndc-confgen -a
2. service named restart
3. rndc status

Actual results:

    rndc: connection to remote host closed
    This may indicate that
    * the remote server is using an older version of the command protocol,
    * this host is not authorized to connect,
    * the clocks are not synchronized, or
    * the key is invalid.

Expected results:
Status report

Additional info:
When I generate a key under F10 (bind-9.5.1-2.P2.fc10.i386) it works.

Could you please check that you don't override the default rndc key in your named.conf? (Or attach the controls {}; statement from your named.conf here.)

Here you go:

    controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
    };

I found the problem. I'm using bind-chroot, but the symlink of /var/named/chroot/etc/rndc.key to /etc/rndc.key was broken. As a result, when running 'rndc-confgen -a', there were two different keys. I re-established the symlink and it's working now. Closing as not a bug.
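
An added diagnostic, not part of the original report: the check below confirms that the two rndc.key paths named in the last comment resolve to one file, and flags a broken symlink or diverging keys without printing the secret. The function name `check_rndc_key` and its optional root-prefix argument are assumptions for illustration.

```shell
#!/bin/sh
# check_rndc_key [ROOT]
# Compares the host and chroot copies of rndc.key (paths as given in the thread).
# ROOT is a hypothetical prefix so the check can be exercised on a scratch tree;
# leave it empty on a real host and run as a user that can read both files.
# Return codes: 0 same file, 1 separate but identical, 2 missing/broken, 3 mismatch.
check_rndc_key() {
    root="${1:-}"
    host_key="$root/etc/rndc.key"
    chroot_key="$root/var/named/chroot/etc/rndc.key"

    for f in "$host_key" "$chroot_key"; do
        # A dangling symlink passes -L but fails -e.
        if [ -L "$f" ] && [ ! -e "$f" ]; then
            echo "BROKEN SYMLINK: $f -> $(readlink "$f")"
            return 2
        fi
        if [ ! -e "$f" ]; then
            echo "MISSING: $f"
            return 2
        fi
    done

    # -ef is true when both names resolve to the same device and inode.
    if [ "$host_key" -ef "$chroot_key" ]; then
        echo "OK: both paths resolve to the same file"
        return 0
    fi

    # Separate files: compare silently so the key material is never printed.
    if cmp -s "$host_key" "$chroot_key"; then
        echo "WARNING: separate files with identical content;" \
             "the next 'rndc-confgen -a' will update only one of them"
        return 1
    fi

    echo "MISMATCH: rndc and the chrooted named are reading different keys"
    return 3
}
```

Run `check_rndc_key` with no argument on the BIND host after regenerating the key and before restarting named; any non-zero result means rndc and named may not share a key.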