#!/bin/bash

# Script to generate TSIG key for BIND

echo "Generating TSIG key for secure zone transfers..."

# Generate a new TSIG key
tsig-keygen -a HMAC-SHA256 transfer-key > /etc/named/transfer-key.conf

echo "TSIG key generated and saved to /etc/named/transfer-key.conf"
echo ""
echo "To use this key:"
echo "1. Include the key file in your named.conf with: include \"/etc/named/transfer-key.conf\";"
echo "2. Copy the key to all secondary servers"
echo "3. Configure secondary servers to use the same key"
echo ""
echo "Key content:"
cat /etc/named/transfer-key.conf