2026-02-10 16:57:00 +08:00 · 2015-02-26 09:22:28 +01:00
parent 7a675ff5e2
commit c9efcae416
2 changed files with 12 additions and 8 deletions
							
							
							
						
@@ -1,7 +1,7 @@
# User authentication method. Could be set multiple times and in 
# that case all should succeed. To enable multiple methods use
# multiple auth directives. Available options: certificate, 
# plain, pam, radius[config=configfile,groupconfig=trueval], gssapi.
# plain, pam, radius, gssapi.
#
# Note that authentication methods cannot be changed with reload.
							
							
							
								
							
						
@@ -9,8 +9,8 @@
#  This indicates that all connecting users must present a certificate.
#
# pam[gid-min=1000]:
#  The gid-min option is used by auto-select-group option, in order to
# select the minimum valid group ID.
#  This enabled PAM authentication of the user. The gid-min option is used 
# by auto-select-group option, in order to select the minimum valid group ID.
#
# plain[passwd=/etc/ocserv/ocpasswd]
#  The plain option requires specifying a password file which contains
							
								
							
							
								
							
							
						
@@ -216,7 +216,9 @@ min-reauth-time = 300
# Banning clients in ocserv works with a point system. IP addresses
# that get a score over that configured number are banned for
# min-reauth-time seconds. A wrong password attempt is 10 points,
# a KKDCP POST is 1 point, and a connection is 1 point.
# a KKDCP POST is 1 point, and a connection is 1 point. Note that
# due to difference processes being involved the count of points
# will not be real-time precise.
#
# Set to zero to disable.
max-ban-score = 50