Add server address, username, password and 2fa seed in keychain with these names:
*`Openconnect VPN Server`
*`Openconnect Username`
*`Openconnect Account Password`
*`Openconnect TOTP Seed`
_For ease of use you can allow automatic keychain access to some of the attributs, but_ **do not allow automatic access to password and especially the 2fa seed**. _It will keep it in memory as long as the script is running._
In case of disconnect, it will try reconnecting after 3 seconds. You can stop it by pressing `CTRL+C` or killing the script.
### Yubikey
Yubikey can be used for safe storage of TOTP seed. Configure TOTP in Yubikey Authenticator app or `ykman oath` if using command line. Then use `ykman oath list` to get the name of the entry and set that name in `OC_YUBIKEY` environment variable.