Ask / Submit

OpenConnect: Usage with username and password

asked 2017-07-27 16:35:52 +0300

schmittlauch gravatar image

Currently OpenConnect wants to know:

  • WebVPN cookie data
  • Hash of server certificate
  • server after authentication

This data is something the usual user won't be able to provide. Other OpenConnect user interfaces (e.g. the ones for NetworkManager) have a more user-friendly workflow, asking for:

  • user name
  • password
  • a CA certificate (as a file, not as hash)
  • maybe a group.

I'd like this user friendly interface to be implemented for SFOS, too, as logi-in with username and password for OpenConnect is a quite widespread use case.

edit retag flag offensive close delete

2 Answers

Sort by » oldest newest most voted

answered 2017-07-28 16:34:48 +0300

vitaminj gravatar image

Duplicate of

edit flag offensive delete publish link more



I'd like to object: Your linked question is only requesting a how-to, so a guide on how to obtain the cookie data would probably solve it.
I want the functionality of using OpenConnect VPNs with username and password to be implemented directly, without the need to follow a guide or use some workaround.

schmittlauch ( 2017-07-29 00:49:36 +0300 )edit

answered 2019-03-03 21:20:17 +0300

Karry gravatar image

Hi. It is possible to open openconnect vpn just with username/password/2-factor OTP from root shell:

/usr/sbin/openconnect --verbose --authgroup=secure

But DNS and routes are not setup. It is necessary to provide --script argument probably.

SFOS "just" need to provide correct UI and some daemon (?) integration. Is some missing part open-source? How can we help to solve this issue?

edit flag offensive delete publish link more


To setup DNS and routes you can use vpnc script like this:

openconnect --script /etc/vpnc/vpnc-script

Found here

KartR ( 2019-03-28 12:46:34 +0300 )edit
Login/Signup to Answer

Question tools



Asked: 2017-07-27 16:35:52 +0300

Seen: 1,338 times

Last updated: Mar 03 '19