techdad · March 30, 2017 16:26
diff --git a/gen-tsig-v1.sh b/gen-tsig-v1.sh
 #!/usr/bin/env bash
 # quick and dirty TSIG generation script

 # define key params 
 algo="hmac-sha512"
 size="512"

 # get key name
 if [[ -z $1 ]]; then
    echo "Error: Usage: $0 <key-name>"
    exit 1
 else
    keyn="$1"
 fi

 # use generate has for our secret
 dnssec-keygen -a ${algo} -n host -b ${size} ${keyn}

 # extract to bind9 format
 grep "Key" K${keyn}.+*.private | \
  awk -v keyn="$keyn" -v algo="$algo" \
  '{print "key " keyn " {\n\talgorithm " algo ";\n\tsecret \"" $2 "\";\n};"}' \
  > ${keyn}.key

 # optionally uncomment to delete tmp files
 # rm -fv K${keyn}.+*.* 
 # eof
	#!/usr/bin/env bash
	# quick and dirty TSIG generation script

	# define key params
	algo="hmac-sha512"
	size="512"

	# get key name
	if [[ -z $1 ]]; then
	echo "Error: Usage: $0 <key-name>"
	exit 1
	else
	keyn="$1"
	fi

	# use generate has for our secret
	dnssec-keygen -a ${algo} -n host -b ${size} ${keyn}

	# extract to bind9 format
	grep "Key" K${keyn}.+*.private \| \
	awk -v keyn="$keyn" -v algo="$algo" \
	'{print "key " keyn " {\n\talgorithm " algo ";\n\tsecret \"" $2 "\";\n};"}' \
	> ${keyn}.key

	# optionally uncomment to delete tmp files
	# rm -fv K${keyn}.+.
	# eof