Given a QR code for a TOTP secret, how would I format an argument to openconnect so that I didn't get prompted for a challenge / response

0

I have a QR code for setting up, say, Google Authenticator to generate TOTP codes. I've viewed the text value of the QR code and it looks like:

otpauth://totp/<user>@<host>?secret=A1A2A3A4A5A6A7A8

openconnect vpn client claims I can pass in the secret to it as a command line arg but I've tried just

--token-secret=A1A2A3A4A5A6A7A8

but that doesn't appear to work. Anyone with experience of this out there who can advise?

Matt Fellows

Posted 2019-05-23T15:26:35.180

Reputation: 111

Answers

0

You can connect using the following:

openconnect HOSTNAME --user=USERNAME --passwd-on-stdin --token-mode=totp --token-secret=sha1:base32:TOKEN

EDIT: Added more information as per comment.

You are missing the

--token-mode=totp

You can use the command I mentioned on top to connect.

--passwd-on-stdin

is used to enter the password (unmasked I must say) on stdin just after executing the command.

Also, make sure you provide the encoding and hashing algorithm used with the token secret, since you mentioned you are using Google Authenticator, which defaults to base32 and sha1.

sha1:base32:TOKEN

Lastly, it works for me over linux and mac but not over windows.

Ajit

Posted 2019-05-23T15:26:35.180

Reputation: 101

This doesn't answer the question as it was written. – music2myear – 2019-08-18T01:25:34.707

@music2myear updated to reflect more information according to question. – Ajit – 2019-09-05T22:29:15.603
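As an added example (not part of the question or the answer above), the following Python script ties the two halves of this thread together: it parses the otpauth://totp/ URI from the QR code, validates that the secret really is base32, builds the --token-mode=totp and --token-secret=sha1:base32:TOKEN flags from the answer, and computes the current TOTP code so you can compare it with the authenticator app before handing the secret to openconnect. The sample URI is constructed (the secret is the RFC 6238 test key, not a real one). One assumption beyond the page: openconnect is assumed to accept sha256:/sha512: prefixes in the same position as sha1:, which the answer does not show.

```python
"""Parse an otpauth:// TOTP URI, validate the secret, build the matching
openconnect token flags, and compute the current code so the secret can be
checked against the authenticator app before it is used."""
import base64
import binascii
import hashlib
import hmac
import struct
import time
from urllib.parse import parse_qs, unquote, urlparse

# Constructed sample URI: placeholder label, and the RFC 6238 test key
# "12345678901234567890" encoded as base32. Not a real secret.
SAMPLE_URI = ("otpauth://totp/alice@vpn.example.com"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example")

# Assumption: openconnect accepts all three as the hash prefix of the secret.
SUPPORTED_ALGORITHMS = ("sha1", "sha256", "sha512")


def b32_key(secret):
    """Decode a base32 TOTP secret (spaces, case and missing padding are
    tolerated). Raises ValueError if the string is not base32 at all; note
    that the characters 0, 1, 8 and 9 never occur in base32."""
    s = secret.replace(" ", "").upper()
    s += "=" * (-len(s) % 8)
    try:
        return base64.b32decode(s)
    except binascii.Error as e:
        raise ValueError(f"secret is not valid base32: {e}") from e


def parse_otpauth(uri):
    """Return label, secret and TOTP parameters from an otpauth://totp/ URI.
    Missing parameters fall back to the Google Authenticator defaults
    (SHA1, 6 digits, 30 second period)."""
    u = urlparse(uri)
    if u.scheme != "otpauth" or u.netloc.lower() != "totp":
        raise ValueError("not an otpauth://totp/ URI")
    q = parse_qs(u.query)
    if "secret" not in q:
        raise ValueError("URI has no secret= parameter")
    secret = q["secret"][0].replace(" ", "").upper()
    b32_key(secret)  # fail early on a secret openconnect could not decode
    algorithm = q.get("algorithm", ["SHA1"])[0].lower()
    if algorithm not in SUPPORTED_ALGORITHMS:
        raise ValueError(f"unsupported algorithm {algorithm}")
    return {
        "label": unquote(u.path.lstrip("/")),
        "secret": secret,
        "algorithm": algorithm,
        "digits": int(q.get("digits", ["6"])[0]),
        "period": int(q.get("period", ["30"])[0]),
    }


def openconnect_token_args(info):
    """Build the two token flags shown in the answer above."""
    return ["--token-mode=totp",
            f"--token-secret={info['algorithm']}:base32:{info['secret']}"]


def totp_code(secret, algorithm="sha1", digits=6, period=30, now=None):
    """RFC 6238 TOTP: HMAC over the big-endian time step, then the RFC 4226
    dynamic truncation. `now` is a Unix timestamp; None means the current time."""
    key = b32_key(secret)
    counter = int((time.time() if now is None else now) // period)
    digest = getattr(hashlib, algorithm)
    mac = hmac.new(key, struct.pack(">Q", counter), digest).digest()
    offset = mac[-1] & 0x0F
    truncated = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(truncated % (10 ** digits)).zfill(digits)


if __name__ == "__main__":
    info = parse_otpauth(SAMPLE_URI)
    print("label           :", info["label"])
    print("openconnect args:", " ".join(openconnect_token_args(info)))
    print("code right now  :", totp_code(info["secret"], info["algorithm"],
                                         info["digits"], info["period"]))
```

The script only produces the token flags; the hostname, --user and the password (for example via --passwd-on-stdin as in the answer) are supplied separately. If the code it prints does not match what the authenticator app shows, the secret, algorithm or clock is wrong and openconnect will be rejected too, so fix that first rather than retrying the VPN login.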