[37699] in Kerberos
Re: Multiple radius server in an otp configuration
daemon@ATHENA.MIT.EDU (Laurent.Bastet@developpement-durab)
Thu Sep 22 09:32:32 2016
Message-ID: <57E3DD4F.4030908@developpement-durable.gouv.fr>
Date: Thu, 22 Sep 2016 15:31:59 +0200
From: <Laurent.Bastet@developpement-durable.gouv.fr>
MIME-Version: 1.0
To: Benjamin Kaduk <kaduk@mit.edu>
In-Reply-To: <alpine.GSO.1.10.1609211439220.5272@multics.mit.edu>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hello,
Thanks for your answer.
Regards,
Laurent BASTET
Le 21/09/2016 20:43, > Benjamin Kaduk (par Internet) a écrit :
> On Wed, 21 Sep 2016, Laurent.Bastet@developpement-durable.gouv.fr wrote:
>
>> Hello all,
>>
>> I use Kerberos with the OTP plugin. It works fine except i don't know
>> how to put more than 1 server in the otp configuration in the 'kdc.conf' :
>>
>> Actually my otp section in 'kdc.conf' :
>>
>> [otp]
>> myotp = {
>> server = xxx.xxx.xxx.xxx:1812
>> secret = /etc/krb5kdc/mysecret
>> timeout = 3
>> retries = 2
>> strip_realm = true
>> }
>>
>> Is there a way to put another server in this section, like
>> server = xxx.xxx.xxx.xxx:1812 yyy.yyy.yyy.yyy:1812
>> or
>> server = xxx.xxx.xxx.xxx:1812
>> server = yyy.yyy.yyy.yyy:1812
>>
>> I tried the 2 solutions below but it doesn't work...
> A hasty read of the relevant source seems to indicate that the code is
> taking the configuration entry and using it directly as the server
> name+port, so your configuration would require additional development work
> to be supported.
>
> Sorry,
>
> Ben
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
