I'm not the only one! Whew, I thought I was losing my mind. I have rngd and haveged running and there is large pool of entropy and I still can't get newer versions of bind to start. Very frustrating.
-Christopher On Thu, 2018-09-20 at 20:14 +0200, Reindl Harald wrote: OK, this is *really* foolish on a heavily used machine with 2 days uptime, rngd and haveged there is *for sure* enough random bind-9.11.4-8.P1.fc28.x86_64 just found on Fedora koji Sep 20 20:08:17 srv-rhsoft named[988479]: ../../../lib/dns/openssl_link.c:294: fatal error: Sep 20 20:08:17 srv-rhsoft named[988479]: OpenSSL pseudorandom number generator cannot be initialized (see the `PRNG not seeded' message in the OpenSSL FAQ) Sep 20 20:08:17 srv-rhsoft named[988479]: exiting (due to fatal error in library) who the hell does such invasive obviously not proper tested changes in minor updates? Am 18.09.18 um 15:44 schrieb Howard, Christopher: I found that link previously and tried it. It didn't complain about that not being a valid setting, but it didn't change the outcome. I'm beginning to believe I may just have to upgrade to CentOS 7. It needs to be done at some point anyway, I just didn't want to do it now. -Christopher On Tue, 2018-09-18 at 09:33 +0100, Tony Finch wrote: Howard, Christopher <christopher-how...@utc.edu<mailto:christopher-how...@utc.edu> <mailto:christopher-how...@utc.edu<mailto:christopher-how...@utc.edu>>> wrote: Does any one have any ideas of what I'm missing or what I can do to resolve this (besides upgrading this box to CentOS 7)? Try setting `random-device "/dev/urandom";` in `named.conf`. See https://gitlab.isc.org/isc-projects/bind9/commit/24172bd2eeba91441ab1c65d2717b0692309244a
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
