0

Using more than one server in Authen::TacacsPlus

Added the possibility of using a list of TACACS+ servers to the perl module Authen::TacacsPlus.

Just pass an array reference with each server parameters to the constructor.

my $tac = new Authen::TacacsPlus(
        [Host=>tp1.example.com, Key=>'Th3k3y', Timeout=>5],
        [Host=>tp2.example.com, Key=>'kikiriki'],
        [Host=>tp3.example.com, Key=>'l0keet', Port=>4949]
);

The order is relevant, so it will only try tp2 if tp1 failed.

Please note that it’s a server fail (unreachable, wrong key) and not an authentication one. If tp1responds with a failed authentication it won’t test the other servers. You can get the patched version from the “moreservers” branch at https://github.com/biafra/Authen–TacacsPlus/tree/moreservers It will not break the use of the other syntax.

$tac = new Authen::TacacsPlus(Host=>$server,
                              Key=>$key,
                               [Port=>'tacacs'],
                               [Timeout=>15]);

Update: It has been included in the module distribution (v0.21) by the maintainer.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.