dnssec-keygen -a hmac-md5 -b 256 -n user rndc

rndc is a valid user, dnssec-keygen hangs basically forever, consuming 0.0 CPU and 0.1 MEM. This is on a dual Xeon with 2.5GB of memory. Its been running for at least the last 15 minutes. No errors, nothing in syslog, just sits there.

Anyone run into this before?

I'm getting the same thing, and not finding anything on google. Anyone? This is the command I'm trying (from a tutorial)

It just hangs forever and does nothing.

Thanks in advance.

Well from further googling I did manage to find something that is interesting, so the way this command seems to work is that it requires some activity to be happening on the system, I'm not sure exactly the nature of the activity but I'm guessing disk and/or memory. Such activity seems to affect the output of /dev/random which dnssec uses. I did hexdump /dev/random and got nothing. I then did a system update as it's the first thing that came to mind to generate something random and then I started getting output in /dev/random and the dnssec-keygen command finished. Which draws an interesting thought, since this command requires the user to perform some activity on the server could the nature of this activity actually affect how secure the key is? Ex: a system update is not truly random, as someone who really knows what they're doing could probably figure out what changed if they can find out the last time I updated before doing that update as any system will get the same files, thus probably the same key.

When I do this on my web server (I'm doing it on a local test server right now) I imagine there will be more randomness going on though due to general traffic.