Multiple radius server in an otp configuration

Laurent.Bastet@developpement-durable.gouv.fr Laurent.Bastet at developpement-durable.gouv.fr
Thu Sep 22 09:31:59 EDT 2016


Hello,

Thanks for your answer.

Regards,

Laurent BASTET



Le 21/09/2016 20:43, > Benjamin Kaduk (par Internet) a écrit :
> On Wed, 21 Sep 2016, Laurent.Bastet at developpement-durable.gouv.fr wrote:
>
>> Hello all,
>>
>> I use Kerberos with the OTP plugin. It works fine except i don't know
>> how to put more than 1 server in the otp configuration in the 'kdc.conf' :
>>
>> Actually my otp section in 'kdc.conf' :
>>
>> [otp]
>>       myotp = {
>>           server = xxx.xxx.xxx.xxx:1812
>>           secret = /etc/krb5kdc/mysecret
>>           timeout = 3
>>           retries = 2
>>           strip_realm = true
>>       }
>>
>> Is there a way to put another server in this section, like
>>           server = xxx.xxx.xxx.xxx:1812 yyy.yyy.yyy.yyy:1812
>> or
>>           server = xxx.xxx.xxx.xxx:1812
>>           server = yyy.yyy.yyy.yyy:1812
>>
>> I tried the 2 solutions below but it doesn't work...
> A hasty read of the relevant source seems to indicate that the code is
> taking the configuration entry and using it directly as the server
> name+port, so your configuration would require additional development work
> to be supported.
>
> Sorry,
>
> Ben
>


More information about the Kerberos mailing list