Kerberos TCP retries
Ken Hornstein
kenh at cmf.nrl.navy.mil
Sun Aug 4 12:52:26 EDT 2024
>We discovered that kerberos clients retries to send request after 10sec
>and unfortunately it means that another MFA request is sent. Is there
>any way howto extend this period(10sec to 60sec)?
>
>I have found one commit which can fix this issue, it is #9105 "Wait
>indefinitely on KDC TCP connections" Is there any plan to include this
>commit in future release?
We actually had this discussion here last week:
https://mailman.mit.edu/pipermail/kerberos/2024-July/023175.html
The answers to your questions are: there is no knob to adjust the
client timeout and the above commit will be in MIT Kerberos 1.22.
--Ken
More information about the Kerberos
mailing list