Multiple radius server in an otp configuration
Benjamin Kaduk
kaduk at MIT.EDU
Wed Sep 21 14:43:14 EDT 2016
On Wed, 21 Sep 2016, Laurent.Bastet at developpement-durable.gouv.fr wrote:
> Hello all,
>
> I use Kerberos with the OTP plugin. It works fine except i don't know
> how to put more than 1 server in the otp configuration in the 'kdc.conf' :
>
> Actually my otp section in 'kdc.conf' :
>
> [otp]
> myotp = {
> server = xxx.xxx.xxx.xxx:1812
> secret = /etc/krb5kdc/mysecret
> timeout = 3
> retries = 2
> strip_realm = true
> }
>
> Is there a way to put another server in this section, like
> server = xxx.xxx.xxx.xxx:1812 yyy.yyy.yyy.yyy:1812
> or
> server = xxx.xxx.xxx.xxx:1812
> server = yyy.yyy.yyy.yyy:1812
>
> I tried the 2 solutions below but it doesn't work...
A hasty read of the relevant source seems to indicate that the code is
taking the configuration entry and using it directly as the server
name+port, so your configuration would require additional development work
to be supported.
Sorry,
Ben
More information about the Kerberos
mailing list