Skip to content

Instantly share code, notes, and snippets.

@iwishiwasaneagle

iwishiwasaneagle/my_openconnect.md

Last active August 2, 2023 13:27
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save iwishiwasaneagle/763524c0e00a21866a7301b1befe054d to your computer and use it in GitHub Desktop.
Save iwishiwasaneagle/763524c0e00a21866a7301b1befe054d to your computer and use it in GitHub Desktop.
Download ZIP
2FA openconnect script without sudo privileges when opening browser
Raw
my_openconnect.md

Call this with something like the following

./my_openconnect \
  --authenticate \
  --external-browser $(which firefox-nightly) \
  -u USERNAME \
  --protocol=anyconnect \
  --authgroup=AUTH_GROUP \
  URL

Note: If you are a University of Glasgow student, the username will be your GUID and the protocol must be anyconnect.

Raw
my_openconnect.sh
#!/bin/bash
COOKIE=
eval `openconnect --authenticate "$@"`
if [ -z "$COOKIE" ]; then
exit 1
fi
tmux rename-window "VPN"
sudo openconnect --servercert "$FINGERPRINT" "$CONNECT_URL" --cookie-on-stdin ${RESOLVE:+--resolve "$RESOLVE"} <<< "$COOKIE"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment