On Mon, Nov 13, 2017 at 12:22 PM, Kevin Cernekee <cernekee at gmail.com> wrote: > The PIN and timestamp are the two main factors (assuming you don't > have a bunch of different token seeds / rc files lying around). > > The PIN will only affect 4 digits of the tokencode: > > $ stoken --force --pin 0000 ; stoken --force --pin 9999 > 83862206 > 83861195 > > If it helps, you can modify the openconnect code to print out the time > being passed to the library, and simulate it from the command line > like this: > > $ stoken --force --pin 0000 --use-time=`date +%s` > 20276056 I tried adding: + fprintf(stderr,"%d %s %s\n",vpninfo->token_time, vpninfo->stoken_pin, tokencode); to do_gen_stoken_code and got the following output (token redacted): 1510603286 (null) <token> running stoken --force --use-time=1510603286 and I get a totally different value. There's only a single stokenrc file. I have a pin 0000 saved in the stokenrc file. Thanks, Andy
