nsupdate - adding large/split TXT record (2048 bit DKIM key)

Ondřej Surý ondrej at isc.org
Mon Jun 1 11:08:24 UTC 2020 

I think it’s reasonable for nsupdate to do the chunking on itself. Patches are always welcome, but if you can start by creating issue for us, it would be very much welcome. I can’t offer you any timeframe, but at least it won’t get lost.

Ondrej
--
Ondřej Surý
ondrej at isc.org

> On 1 Jun 2020, at 12:50, Andreas S. Kerber <ask at ag-trek.de> wrote:
> 
> On Mon, Jun 01, 2020 at 04:11:43AM -0400, vom513 wrote:
>> Can anyone point me to an example of how to do this ?  I have a script that rotates my DKIM keys, and uses nsupdate to publish.  With 1024 bit - I must be getting by by the skin of my teeth…
>> 
>> When I try 2048 bit, the record is obviously longer.  All of my attempts of running it through the Rube Goldberg sed machine have failed - nsupdate chokes on format.
> 
> Yeah, I had troubles with those 2048 bit DKIM records too. nsupdate will need it like this:
> 
> server X.X.X.X
> zone ag-trek.de
> update add test.ag-trek.de. 86400 IN TXT    "v=DKIM1; k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LmxUW2tnM07YbofiOGR3T6KS/BfHmyPYe0GOEEch/abeTjaL3OtuhmVmr4QMe2HV/6n5SBiVh4PE2wZxUcS2LMNbo5Hn7KO3UsTbIxCKuM6jvUpWtJPgC0uBGNkEARQVBSjW9pqYUQYkXzXLEULbu1AThgaUvCbVzWmvTQeEFXbBWP24O/" "LkiprI+iKRskRv0qgIOV0CRm32tk4MP/IcZBdjZ3sHrg3myjVJPfSUBOUyISXKRtiwfIgPeCj4V97Q+psmHvnDz9EID0eZaKih8neroRBETYDLFYjd6Pv9JTqrY7jXOHhM4kmOZOUyNXEIz22JVuaNSJbtXzNWTKpyQIDAQAB"
> 
> 
> Break up the record in chunks of less than 255 byte, enclose each of these parts with "" and feed nsupdate all of these chunks seperated with a space on one line.
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200601/56b1f4a8/attachment.bin>

More information about the bind-users mailing list