19.4.2. Configuring /etc/rndc.conf
The
key
is the most important statement in /etc/rndc.conf
.
key "<key-name>" { algorithm hmac-md5; secret "<key-value>"; };
The <key-name> and <key-value> should be exactly the same as their settings in
/etc/named.conf
.
To match the keys specified in the target server's
/etc/named.conf
, add the following lines to /etc/rndc.conf
.
options { default-server localhost; default-key "<key-name>"; };
This directive sets a global default key. However, the
rndc
configuration file can also specify different keys for different servers, as in the following example:
server localhost { key "<key-name>"; };
Important
Make sure that only the root user can read or write to the
/etc/rndc.conf
file.
For more information about the
/etc/rndc.conf
file, refer to the rndc.conf
man page.