generating TSIG keys with 'dnssec-keygen', get "error reading key file ... bad key type"?

jasonsu at jasonsu at
Tue Apr 19 23:30:45 UTC 2016

On Tue, Apr 19, 2016, at 04:25 PM, Evan Hunt wrote:
> It's not "bad", dnssec-keygen can generate TSIG keys fine, it's just that
> it's cumbersome to remember all the options, and the keys are generated in
> a format that isn't directly useful.

Sure that's what I was doing anyway.

To be clean, I'm not saying it's bad.

It's returning the "bad key type" .

I'm just trying to understand what the problem is.


More information about the bind-users mailing list