Radius failover server for OTP Preauthentication

Abdelkader Chelouah a.chelouah at gmail.com
Fri Jun 18 11:59:45 EDT 2021


I'm using krb5-1.18.3. When using OTP Preauthentication mechanism, the 
token type is defined according to the following format

     <name>  =  {
         server  =  <host:port  or  filename>  (default:  see  below)
         secret  =  <filename>
         timeout  =  <integer>  (default:  5  [seconds])
         retries  =  <integer>  (default:  3)
         strip_realm  =  <boolean>  (default:  true)
         indicator  =  <string>  (default:  none)

It is my understanding that the *server* field (radius server) accepts 
only one *host:port* endpoint. For high availability purpose, is it 
possible to specify multiple endpoint ?

Best regards

More information about the Kerberos mailing list