How to use openconnect to connect to vpn with 2 factor authentication with Google Authenticator

Question

I would like to connect to vpn using openconnect. Our company uses Google Authenticator codes.

vozman · Accepted Answer · 2020-08-04T20:14:58.563

5

Use this to create 2 factor codes on your pc https://github.com/arcanericky/ga-cmd
Store your account password in ~/.cisco/pass.txt

Then use this to connect to vpn

echo -e "$(sudo cat ~/.cisco/pass.txt)\n$(./ga-cmd <your-ga-site-name>)" | sudo openconnect --user=<username> --passwd-on-stdin <your-vpn.com>

edited Aug 04 '20 at 20:14

answered Aug 03 '20 at 15:38

vozman

1,198
1
14
19

score 3 · Answer 2 · edited Nov 12 '21 at 20:08

3

Or you can make it working with oathtool (works fine for macOS users):

alias vpn="echo -e '${YOUR_PWD}\n$(cat ~/.totp_google | xargs oathtool --totp -b)' | \
  sudo openconnect {YOUR_VPN_HOST} --user=${YOUR_USERNAME} --passwd-on-stdin"

Your secret shoud be in ~/.totp_google file.

edited Nov 12 '21 at 20:08

mirabilos

5,123
2
46
72

answered Sep 23 '20 at 08:41

Dzmitry Hubin

1,091
12
14

How to use openconnect to connect to vpn with 2 factor authentication with Google Authenticator

2 Answers2