How to make scutil log in to VPN with password on Mac?

6

3

I'm trying to log in to my VPN (Cisco IPSec) through the command line on a Mac:

```sh
scutil --nc start "myVPN (Cisco IPSec)" --password "mypassword"
```


When running that script I just get the usual popup without it filling in the password (though the username is autofilled, just like when clicking the VPN login). Is it possible to fill in the password using this method, or is there any other way of connecting to VPN through the command line?

bogen

Posted 2014-09-09T08:52:37.460

Reputation: 201

Were you ever able to find a solution for this? – Guven – 2015-06-30T07:26:20.463

@Guven Yes, I have made a solution, can post it later today – bogen – 2015-06-30T11:32:06.123

Thanks! I will take a look at your answer and let you know. Also, I actually want to take this approach one step further and do the complete login process from the command line/terminal (without showing this popup). Let me know if you have any ideas there as well! – Guven – 2015-06-30T11:49:41.710

That would be even better, sometimes the popup takes more than 2.7 seconds to show up, then it fails to log in. – bogen – 2015-06-30T12:20:42.967

Answers

4

I wrote a shell script that fetches the password from keychain and then pastes it into the popup. You have to make a keychain item with the password for this to work.

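```sh
#!/bin/sh
# VPN.sh
# change these variables for your setup

keychainItem=accountWithPassword      # this name has to match "Account" for the entry you make in keychain
VPNName="VPN (Cisco IPSec)"   # match the name of the VPN service to run

# security -g prints the password line on stderr, so stderr is sent to the
# pipe and the item attributes on stdout are discarded
get_pw () {
   security 2>&1 >/dev/null find-generic-password -ga "$keychainItem" \
   |ruby -e 'print $1 if STDIN.gets =~ /^password: "(.*)"$/'
}

echo "fetching VPN credentials from keychain account \"$keychainItem\""
echo "Using VPN service: $VPNName"

scutil --nc start "$VPNName"

# wait for the password popup; keystrokes go to whichever window has focus
sleep 2.7
# pass the password as an argument so quotes or backslashes in it
# cannot break (or alter) the AppleScript statement
osascript -e 'on run argv' \
          -e 'tell application "System Events" to keystroke (item 1 of argv)' \
          -e 'end run' "$(get_pw)"
osascript -e "tell application \"System Events\" to keystroke return"
sleep 2

exit
```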

bogen

Posted 2014-09-09T08:52:37.460

Reputation: 201

Thanks for the script. That might be a workaround for now but being able to login directly from the command line would be the ideal solution. I have looked around and couldn't find anything yet, which I find odd. Anyway, let me know if you come across anything. – Guven – 2015-06-30T15:29:07.313

Yeah, I could not find anything about it either, so I've been using that script for now – bogen – 2015-06-30T19:01:12.010

1

This might be a nice way which checks whether the VPN is connected already...

```sh
#!/bin/sh

keychainItem="MY KEYCHAIN ACCOUNT"   # this name has to match "Account" for the entry you make in keychain
VPNName="MY VPN"   # match the name of the VPN service to run

# succeeds unless the first line of the status output says Connected
isnt_connected () {
    scutil --nc status "$VPNName" | sed -n 1p | grep -qv Connected
}

# security -g prints the password line on stderr, so stderr is sent to the
# pipe and the item attributes on stdout are discarded
get_pw () {
   security 2>&1 >/dev/null find-generic-password -ga "$keychainItem" \
   |ruby -e 'print $1 if STDIN.gets =~ /^password: "(.*)"$/'
}

echo "fetching VPN credentials from keychain account \"$keychainItem\""
echo "Using VPN service: $VPNName"

if isnt_connected; then
    echo "Connecting to VPN..."
    scutil --nc start "$VPNName"
    # wait for the password popup; keystrokes go to whichever window has focus
    sleep 0.5
    # pass the password as an argument so quotes or backslashes in it
    # cannot break (or alter) the AppleScript statement
    osascript -e 'on run argv' \
              -e 'tell application "System Events" to keystroke (item 1 of argv)' \
              -e 'end run' "$(get_pw)"
    osascript -e "tell application \"System Events\" to keystroke return"
    sleep 2
    osascript -e "tell application \"System Events\" to keystroke return"
else
    echo "Already Connected to VPN..."
fi
```

Palmdaddy

Posted 2014-09-09T08:52:37.460

Reputation: 11
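
The scripts above rely on fixed `sleep` values and never confirm that the tunnel came up. The following is an added example, not part of either answer: it polls the first line of `scutil --nc status` (the same line `isnt_connected` reads) and stops the service if it never reports `Connected`. The function names `vpn_state`, `wait_for_vpn` and `connect_or_fail` and the default limits are assumptions made for this sketch; the password step from the answers would sit between the start and the wait.

```shell
#!/bin/sh
# Added example: confirm the VPN state by polling instead of trusting sleeps.

# First line of `scutil --nc status NAME` is the connection state.
vpn_state () {
    scutil --nc status "$1" 2>/dev/null | sed -n 1p
}

# wait_for_vpn NAME [MAX_POLLS] [INTERVAL_SECONDS]
# Returns 0 as soon as the state is exactly "Connected", 1 after MAX_POLLS.
wait_for_vpn () {
    name=$1
    max_polls=${2:-30}
    interval=${3:-1}
    polls=0
    while [ "$polls" -lt "$max_polls" ]; do
        if [ "$(vpn_state "$name")" = "Connected" ]; then
            return 0
        fi
        polls=$((polls + 1))
        sleep "$interval"
    done
    return 1
}

# connect_or_fail NAME [MAX_POLLS] [INTERVAL_SECONDS]
# Starts the service only when needed and fails closed: if the tunnel never
# comes up, the pending attempt is stopped and a non-zero status is returned
# so callers do not carry on over an unprotected link.
connect_or_fail () {
    if [ "$(vpn_state "$1")" = "Connected" ]; then
        return 0
    fi
    scutil --nc start "$1"
    # (the keychain/keystroke password step from the answers goes here)
    if wait_for_vpn "$1" "${2:-30}" "${3:-1}"; then
        return 0
    fi
    scutil --nc stop "$1"
    return 1
}

# Run as: sh vpn_wait.sh "MY VPN"   (service name is a placeholder)
if [ $# -gt 0 ]; then
    connect_or_fail "$@"
fi
```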