[37698] in Kerberos
Re: Multiple radius server in an otp configuration
daemon@ATHENA.MIT.EDU (Benjamin Kaduk)
Wed Sep 21 14:43:38 2016
Date: Wed, 21 Sep 2016 14:43:14 -0400 (EDT)
From: Benjamin Kaduk <kaduk@mit.edu>
To: Laurent.Bastet@developpement-durable.gouv.fr
In-Reply-To: <57E23778.9090100@developpement-durable.gouv.fr>
Message-ID: <alpine.GSO.1.10.1609211439220.5272@multics.mit.edu>
MIME-Version: 1.0
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Wed, 21 Sep 2016, Laurent.Bastet@developpement-durable.gouv.fr wrote:
> Hello all,
>
> I use Kerberos with the OTP plugin. It works fine except i don't know
> how to put more than 1 server in the otp configuration in the 'kdc.conf' :
>
> Actually my otp section in 'kdc.conf' :
>
> [otp]
> myotp = {
> server = xxx.xxx.xxx.xxx:1812
> secret = /etc/krb5kdc/mysecret
> timeout = 3
> retries = 2
> strip_realm = true
> }
>
> Is there a way to put another server in this section, like
> server = xxx.xxx.xxx.xxx:1812 yyy.yyy.yyy.yyy:1812
> or
> server = xxx.xxx.xxx.xxx:1812
> server = yyy.yyy.yyy.yyy:1812
>
> I tried the 2 solutions below but it doesn't work...
A hasty read of the relevant source seems to indicate that the code is
taking the configuration entry and using it directly as the server
name+port, so your configuration would require additional development work
to be supported.
Sorry,
Ben
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
