Set a timeout for kerberos login #22
Comments
|
This mostly isn't under the control of a client of the Kerberos library such as this module, so far as I can see. However, if you build the module against Heimdal (instead of MIT Kerberos), it looks like you can set |
|
The MIT one seems to be like 2-3 minutes, but that might be an element of something like a DNS query getting hung and not how long for a connection. Still though, if any of that takes more than 10 seconds I don't really want to wait |
|
I've asked the MIT Kerberos developers if there's any way that either the application or the user can control this timeout. |
|
The MIT Kerberos developers unfortunately report that there is no way for the user or the application to control these timeouts. It doesn't look like there's a good solution at the PAM module level except to use Heimdal instead (which of course may affect more than just this). |
|
That's unfortunate, thanks for reaching out anyway. Closing this issue for now as it doesn't seem like there's a good way to handle this on the module side, but feel free to reopen if this changes. |
Sometimes my laptop is not connected to a network when I log in or has some issue with routing where, although it does have a default route, it does not actually have a network connection. These are all issues that are easy to solve once I log in, however, I am frequently left at the lockscreen for upwards of 2 minutes waiting for a kerberos timeout. Can an option be added to time-out kerberos in a more reasonable period of time, like 15 seconds? I'd have to run kinit when I log in anyway when it times out but having to wait 2 minutes is just too long. It does seem to recognize (usually) that I am offline if, for instance, there are no active network interfaces, however, my VPN does not always remove its interface and routes upon server disconnect (which should not cause an issue with something as crucial as a login screen.)
The text was updated successfully, but these errors were encountered: