Pass TOTP code on STDIN to hide seed from process list.
This commit is contained in:
Jānis Jansons
@@ -12,6 +12,7 @@ Additionaly routing for only specific subnets can be added in `routes.txt`
|
||||
git clone this repo
|
||||
brew install openconnect
|
||||
brew install vpn-slice
|
||||
brew install oath-toolkit
|
||||
```
|
||||
|
||||
Add server address, username, password and 2fa seed in keychain with these names:
|
||||
|
||||
+3
-3
@@ -44,13 +44,13 @@ while true; do
|
||||
SCRIPT_INCLUDE="--script=\"$SCRIPTPATH/routing.sh\""
|
||||
fi
|
||||
|
||||
echo $PASSWORD | sudo openconnect \
|
||||
TOTP=$(oathtool --totp=sha1 -b "$SEED")
|
||||
|
||||
echo -e "$PASSWORD\n$TOTP" | sudo openconnect \
|
||||
--csd-wrapper hostscan-bypass.sh \
|
||||
--passwd-on-stdin \
|
||||
--os=mac-intel \
|
||||
$SCRIPT_INCLUDE \
|
||||
--token-mode=totp \
|
||||
--token-secret=sha1:base32:$SEED \
|
||||
-u $USERNAME \
|
||||
$SERVER
|
||||
|
||||
|
||||
Reference in New Issue
Block a user