I've always wanted to manage my Cisco VPN connections from the command line.
This is a pain because my work VPN is configured to require a password to log in. I borrowed heavily from this comment, but made a few changes because storing the password in a plaintext file that I cat into stdin makes me nervous.
I can pretty easily make an encrypted version of the password file with gpg and read that in instead of a plaintext file.
I've added this to my bashrc/zshrc for managing VPN connections:
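# Install a sudoers drop-in so members of the admin group can run openconnect
# and kill through sudo without a password prompt (vpnstart and vpnstop use it).
#
# SECURITY NOTE(review): the rule is broader than these helpers need.
#  - openconnect can be told to run helper programs as root, so passwordless
#    sudo for it is effectively passwordless root for anything running as an
#    admin-group user.
#  - /bin/kill is granted with no argument restriction, so any process on the
#    machine can be signalled as root.
# Consider scoping the rule to your own user and to a small root-owned wrapper
# script with fixed arguments instead of the raw binaries.
#
# Returns: 0 on success, non-zero if validation or installation fails.
function vpnsetup() {
  local rule='%admin ALL=(ALL) NOPASSWD: /usr/local/bin/openconnect, /bin/kill'
  local target='/etc/sudoers.d/openconnect'
  local staged
  local rc

  staged=$(mktemp) || return 1
  printf '%s\n' "$rule" > "$staged"

  # A syntax error in a sudoers drop-in can stop sudo from working at all, so
  # the staged copy is checked before it goes anywhere near /etc/sudoers.d.
  if ! sudo visudo -cf "$staged" > /dev/null; then
    echo "vpnsetup: sudoers rule failed validation, nothing installed" >&2
    rm -f -- "$staged"
    return 1
  fi

  # install writes the file with the restrictive mode sudo expects (0440)
  # instead of relying on root's umask.
  sudo install -m 0440 "$staged" "$target"
  rc=$?
  rm -f -- "$staged"
  return "$rc"
}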
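# Start an openconnect session in the background, feeding it the password
# decrypted from ~/.vpn_pass.gpg on stdin.
#
# Globals:  VPNUSER, AUTHGROUP, VPNHOST (read), HOME (read)
# Outputs:  diagnostics on stderr; openconnect writes its pid to
#           $HOME/.openconnect.pid
# Returns:  non-zero if a required variable is unset, decryption fails, or
#           openconnect fails
function vpnstart() {
  # Refuse to run with missing settings: an empty value would otherwise be
  # passed straight through as "--user=" or drop the host argument entirely.
  if [[ -z "${VPNUSER:-}" || -z "${AUTHGROUP:-}" || -z "${VPNHOST:-}" ]]; then
    echo "vpnstart: VPNUSER, AUTHGROUP and VPNHOST must be set" >&2
    return 1
  fi

  # Decrypt first and stop on failure. Piping gpg directly into openconnect
  # with stderr discarded hides a failed decryption and submits an empty
  # password, which shows up as a failed login on the gateway.
  local vpn_secret
  if ! vpn_secret=$(gpg --quiet --decrypt "$HOME/.vpn_pass.gpg"); then
    echo "vpnstart: could not decrypt $HOME/.vpn_pass.gpg" >&2
    return 1
  fi

  # printf is a shell builtin, so the secret never appears in a process
  # argument list. --servercert pins the gateway certificate fingerprint; it
  # has to be updated when the server certificate is replaced.
  printf '%s\n' "$vpn_secret" | sudo openconnect \
    --background \
    --pid-file="$HOME/.openconnect.pid" \
    --user="$VPNUSER" \
    --servercert=sha256:1a341debc187f588029878f6d884182f41a92013e9297b8eaa6dce88b797e65d \
    --authgroup="$AUTHGROUP" \
    --passwd-on-stdin \
    "$VPNHOST"
}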
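# Stop the openconnect session recorded in $HOME/.openconnect.pid by sending it
# SIGINT, then remove the pid file.
#
# Globals:  HOME (read)
# Outputs:  status messages on stdout, errors on stderr
# Returns:  non-zero if the pid file is malformed or the signal fails
function vpnstop() {
  local pidfile="$HOME/.openconnect.pid"
  local pid
  local proc_name

  if [[ ! -f "$pidfile" ]]; then
    echo "openconnect pid file does not exist, probably not running"
    return 0
  fi

  pid=$(cat "$pidfile")

  # The value is handed to kill running as root, so accept digits only.
  case "$pid" in
    '' | *[!0-9]*)
      echo "vpnstop: $pidfile does not contain a valid pid" >&2
      return 1
      ;;
  esac

  # A pid file left behind by a crash or reboot may now name an unrelated
  # process; signalling it as root would hit the wrong target. Only signal
  # when the pid still belongs to openconnect.
  proc_name=$(ps -p "$pid" -o comm= 2>/dev/null)
  case "$proc_name" in
    *openconnect*)
      # Signal 2 is SIGINT, the same signal the pid file was always used with.
      sudo kill -2 "$pid" && rm -f -- "$pidfile"
      ;;
    *)
      echo "pid $pid is not a running openconnect process, removing stale pid file"
      rm -f -- "$pidfile"
      ;;
  esac
}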