Re: network-manager-openconnect, was Re: Error messages /traceroute

(Sorry for previous empty reply; I think the control key stuck, so it
sent when I hit enter.)

On Wed, 2010-02-24 at 10:53 +0100, Johannes Becker wrote:
> Am Dienstag, 23. Februar 2010 schrieb David Woodhouse:
> > I think you may need to reboot (or at least restart NM and dbus-daemon)
> > before the new NetworkManager plugin works.
> Because you can't reboot a Live-CD for this purpuse, I checked
> it again with Debian Squeeze. It's too boring to report all the
> different ways of failures with network manager. It just confirms
> my old opinion that network manager makes things not easier.
> It may work with special Linux distributions, but if it fails
> there's no help. 

I think the Fedora LiveCD includes the NetworkManager-openconnect
package, so it ought to work out of the box.

I think there's a Ubuntu bug filed but the response was "it's better to

> So I will tell our users to work with the command line.

If you like, you could abuse the GUI auth-dialog tool so that you at
least get a graphical login with choice of available VPN servers.

You can run a script (like, note
the UUID it generates, then run
nm-openconnect-auth-dialog -u $UUID -n "$ORG VPN login" -s org.freedesktop.NetworkManager.openconnect

On a successful authentication, it'll spit out the address of the VPN
server to connect to, the authentication cookie, and the SHA1 of the
server's SSL certificate (to prevent MiTM attacks).

Then you can 
echo $COOKIE | openconnect --servercert $SHA1 --cookie-on-stdin $HOST

David Woodhouse                            Open Source Technology Centre
David Woodhouse intel com                              Intel Corporation

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]