Hello Evan, Am 2010-05-28 18:33:14, hacktest Du folgendes herunter: > > Operating System is "Debian GNU/Linux 5.0 Lenny" with bind9 in version > > 1:9.7.0.dfsg.P1-1~bpo50+1 > > I get the same problem on Ubuntu, which is Debian-based. /dev/random > runs out of entropy rapidly and takes a long time to recover.
I have tries it on Debian Etch, Lenny and Sid with the same result... On
all three machines I have touse "-r /dev/urandom" which is realy weird.
> Using "dnssec-keygen -r /dev/urandom" will make it finish much
> faster, but that uses a pseudo-random number generator instead of true
> randomness, so it's not the best choice from the paranoid crypto viewpoint.
> I often use it for test zones and such. If I needed a proper bulletproof
> key on an Ubuntu box, and I didn't want to wait a long time for it, I'd
> probably generate the key on some other system and copy it over.
:-) I have 38.000 Zones and on my "AMD Sempron 2200+" with 3 GByte of
memory it take arround 40 Second to create ONE signed zone fro a script.
This mean, if I want to sign 38.000 zones it will run 18 days...
Thanks, Greetings and nice Day/Evening
Michelle Konzack
--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
itsyst...@tdnet France EURL itsyst...@tdnet UG (limited liability)
Owner Michelle Konzack Owner Michelle Konzack
Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix
<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>
Jabber [email protected]
ICQ #328449886
Linux-User #280138 with the Linux Counter, http://counter.li.org/
signature.pgp
Description: Digital signature
_______________________________________________ bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
