Added the possibility of using a list of TACACS+ servers to the perl module Authen::TacacsPlus.
Just pass an array reference with each server parameters to the constructor.
my $tac = new Authen::TacacsPlus( [Host=>tp1.example.com, Key=>'Th3k3y', Timeout=>5], [Host=>tp2.example.com, Key=>'kikiriki'], [Host=>tp3.example.com, Key=>'l0keet', Port=>4949] );
The order is relevant, so it will only try tp2
if tp1
failed.
Please note that it’s a server fail (unreachable, wrong key) and not an authentication one. If tp1
responds with a failed authentication it won’t test the other servers. You can get the patched version from the “moreservers” branch at https://github.com/biafra/Authen–TacacsPlus/tree/moreservers It will not break the use of the other syntax.
$tac = new Authen::TacacsPlus(Host=>$server, Key=>$key, [Port=>'tacacs'], [Timeout=>15]);
Update: It has been included in the module distribution (v0.21) by the maintainer.