unable to start named- loading configuration: bad base64 encoding

[ropox]

Hello everyone

I've been banging my head around this but cant figure out what the problem is..
named service wont start and i know why. i followed the thread i found over here
but i got stuck to the point where i get a bad base 64 encoding while loading named

here is what my named.conf file looks like:
options {
directory "/var";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};


and my /etc/rndc.conf

key "rndc-key" {
algorithm hmac-md5;
secret "CeMgS23y0oWE20nyv0x40Q==";
};

options {
default-key "rndc-key";
default-server 127.0.0.1;
# default-port 953;
};


and my /etc/rndc.key

key "rndckey" {
algorithm hmac-md5;
secret "CeMgS23y0oWE20nyv0x40Q==";
};


doing a service named start gives these log messages

Jan 27 00:45:11 myserver named[14215]: using 8 CPUs
Jan 27 00:45:11 myserver named[14215]: loading configuration from '/etc/named.conf'
Jan 27 00:45:11 myserver named[14215]: no IPv6 interfaces found
Jan 27 00:45:11 myserver named[14215]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 27 00:45:11 myserver named[14215]: listening on IPv4 interface venet0:0, 00.205
.30.78#53
Jan 27 00:45:11 myserver named[14215]: listening on IPv4 interface venet0:1, 00.205
.00.103#53
Jan 27 00:45:11 myserver named[14215]: /etc/rndc.key:1: configuring key 'rndckey':
bad base64 encoding
Jan 27 00:45:11 myserver named[14215]: loading configuration: bad base64 encoding
Jan 27 00:45:11 myserver named[14215]: exiting (due to fatal error)
Jan 27 00:45:11 myserver named: named startup failed


WHY IS THIS HAPPENING ??? I have the same key on both rndc.conf and rndc.key files

this is so frustrating.... I don't have my mail server running because of this....
Could anyone give me some advice ? would be much appreciated ...

PS i have googled a lot before deciding to write this post....

 

[Amin Taheri]

I found this on google - did you try this?

check the /etc/rndc.conf file and copy the key from there(you will see the key in the first lines of the file) and replace the key that it is in /etc/rndc.key file and restart named process

What do you get when you do rndc status?

You may be able to just regenerate your rndc key since it appears corrupted, and on that note I found this

The command you need is: rndc-confgen

Something like the following will generate a good key:

cp /etc/rndc.key /etc/rndc.key.old
rndc-confgen -a -b 128 -c /etc/rndc.key -k rndc-key
chown named:named /etc/rndc.key

Your named.conf should be able to read the newly generated key.