Hi,
I'm trying to connect to a VPN, which uses RSA.
I'm trying to connect with a variant of this command:
echo ${PASSWORD} | openconnect "${SERVER}" --authgroup ${GROUP} -u
"${USER}" --token-mode rsa
This provides a non-functional:
</opaque><auth><username>USERNAME</username><password>RSATOKEN</password><secondary_password>PASSWORD</secondary_password></auth><group-select>GROUP</group-select></config-auth>
However, if I do it via hand I am able to login:
</opaque><auth><username>USERNAME</username><password>PASSWORD</password><secondary_password>RSATOKEN</secondary_password></auth><group-select>GROUP</group-select></config-auth>
The password and secondary_password are reversed.
On this page it states the ordering:
http://www.infradead.org/openconnect/token.html
"SecurID token codes will automatically fill in the primary password
field in the authentication form presented by the server" .. "This
behaviour is empirically determined by the requirements of the servers
that we have tested with; if you find a configuration in which it is
not appropriate, please let us know."
This mail is letting you know... is there a workaround?
--
Kind Regards,
Dave Walker
