Two questions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2012-08-03 at 10:23 -0400, Steve Ayers wrote:
> Hello,
> 
> I am trying to connect to a VPN host at my company using OpenConnect,
> but can't seem to get it working.  First, I am trying from the command
> line and when it gives me the '...asked us to download a CSD trojan,
> you should enable it'.  Where is the setting to enable that from the
> command line?

The --csd-user option, which specifies the user to run it as. If you
trust them despite their history of making basic security mistakes, then
you can use --csd-user=`whoami`. Or if you're running as root, make an
unprivileged user and run the CSD crap as that user.

> Second, it looks my company doesn't have Linux binaries on the server.
>  Is it still possible to use Open Connect or am I on a wild goose
> chase?

You can run it under wine, perhaps. You should be able to set
vpninfo->csd_scriptname to just "csd" and that'll make it fetch the
Windows version, and then use the --csd-wrapper option. That'll invoke a
program or script of your choice, with the downloaded CSD blob as the
first argument.

If you work out what the Windows trojan actually *posts* to the server,
you can probably avoid using Wine to run it, and just run a script that
users 'curl' to post the "right" answers.

-- 
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6171 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120803/0365a76d/attachment-0001.bin>


[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux