The Domain Name System (DNS) is the de facto standard for local and global name resolution. In addition, outside of names, addresses, and certificates, DNS records can store a diverse range of data and metadata:
- DHCID: DHCP data
- HINFO: central processing unit (CPU) and operating system (OS) specifications
- LOC: location data
- SOA: zone administration information
- SRV: service location, which may include ports
- TXT: text notes, sometimes used to verify ownership
Thus, a domain TXT record can contain any string of text as long as it’s ASCII.
In this tutorial, we explore ways to check the TXT records for a domain from the shell. In particular, we show how several commands can perform what we need and discuss some specifics.
We tested the code in this tutorial on Debian 11 (Bullseye) with GNU Bash 5.1.4. It should work in most POSIX-compliant environments.
2. Using dig
The traditional way to list DNS records involves the dig tool from the bind9-dnsutils package:
$ dig baeldung.com [...] ;; QUESTION SECTION: ;baeldung.com. IN A ;; ANSWER SECTION: baeldung.com. 300 IN A 126.96.36.199 baeldung.com. 300 IN A 188.8.131.52 [...]
In this case, we only see A records since that’s the default. However, by employing the -t flag of dig and adding TXT, we can request this specific record type:
$ dig -t TXT x.gerganov.com [...] ;; QUESTION SECTION: ;x.gerganov.com. IN TXT ;; ANSWER SECTION: x.gerganov.com. 300 IN TXT "furu ike ya kawazu tobikomu mizu no oto" [...]
If +short is used, dig returns only the double-quoted strings from the TXT records, each on a new line:
$ dig +short -t TXT x.gerganov.com "furu ike ya kawazu tobikomu mizu no oto"
This format is usually easier to process within shell scripts.
Although not immediately obvious, we can also use the nslookup tool for our purposes:
$ nslookup baeldung.com Server: 184.108.40.206 Address: 220.127.116.11#53 Non-authoritative answer: Name: baeldung.com Address: 18.104.22.168 Name: baeldung.com Address: 22.214.171.124 Name: baeldung.com Address: 2606:4700:3108::ac42:2b08 Name: baeldung.com Address: 2606:4700:3108::ac42:28f8
Here, the default output format is more structured and less verbose.
For our particular needs, we can leverage the query, querytype, or type specifier by prefixing it with a – dash and providing the needed record type:
$ nslookup -querytype=TXT x.gerganov.com [...] Non-authoritative answer: x.gerganov.com text = "furu ike ya kawazu tobikomu mizu no oto" [...]
Alternatively, we can do the same interactively:
$ nslookup > set querytype=txt > x.gerganov.com [...] Non-authoritative answer: x.gerganov.com text = "furu ike ya kawazu tobikomu mizu no oto" [...]
Unlike dig, there are no good built-in options for a more concise output.
4. Using host
Similar to dig, the host command has the -t flag for specifying a record type:
$ host -t txt x.gerganov.com x.gerganov.com descriptive text "furu ike ya kawazu tobikomu mizu no oto"
While the output is somewhat more verbose than that of dig +short, the TXT record string is still within quotes so that we can extract it:
$ host -t TXT x.gerganov.com | sed 's/^[^"]*"\(.*\)"$/\1/' furu ike ya kawazu tobikomu mizu no oto
In this case, we employ sed to substitute the whole line with only the matching string. Notably, this works for multiline output and embedded quotes as well.
Since they are composed of ASCII characters, TXT record strings can also contain quotes. Since the utilities above use double quotes to surround the actual string, it’s worth noting how these are handled:
$ dig +short -t TXT quote.gerganov.com "This TXT record includes double quotes within its \"data\"."
As expected, to embed the double quotes within a double-quoted string, the tools just escape them.
Moreover, in general, DNS records are linked with a domain or subdomain. All tools above return the records for the exact request:
$ dig +short -t TXT www.gerganov.com $ dig +short -t TXT x.gerganov.com "furu ike ya kawazu tobikomu mizu no oto"
Thus, we might get no results for www.gerganov.com, although x.gerganov.com has a TXT record. Still, unlike with the local /etc/hosts file, DNS records support wildcards.
In this article, we inspected domain TXT records with different tools, exploring some details of the process.
In conclusion, the command we use for checking a TXT record usually depends on availability and convenience more than functionality.