0

So i'm trying to write a script to ease the process of connecting to OpenVPN server.

So when i write:

openvpn --config vpnbook-pl226-udp53.ovpn

It prompts me to type username and password:

Wed Apr  1 21:23:28 2020 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] 
[EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Wed Apr  1 21:23:28 2020 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Enter Auth Username:            
Enter Auth Password:

Here i want my script to automatically send username and password to OpenVPN.

I had the following attempts:

Attempt 1:

{ echo "vpnbook"; echo "3vze4vd"; } | openvpn --config vpnbook-pl226-udp53.ovpn

Attempt 2:

echo -e "vpnbook\n3vze4vd" | openvpn --config vpnbook-pl226-udp53.ovpn

Attempt 3:

(echo $username; echo $password;) | openvpn --config vpnbook-pl226-udp53.ovpn

But none of them are working, i'm getting the following output:

Wed Apr  1 21:38:14 2020 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Wed Apr  1 21:38:14 2020 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10

Then nothing happens.

Can someone please give me a hint on this ?

Improve this question

2 Answers 2

Reset to default
2

You may be able to add the username and password to a secure file (one that only the owner can read). Look up the auth-user-pass pass in your OpenVPN documentation for details (man openvpn):

cat > /path/to/secret <<'X'
myusername
verysecret
X
chmod u=rw,go= /path/to/secret

Now find the auth-user-pass directive in your OpenVPN configuration file and extend it like this

auth-user-pass /path/to/secret
Improve this answer
1
  • 1
    Thank you very much This exactly solve my problem, but in a better manner than what i was thinking of. Commented Apr 1, 2020 at 21:47
1

This looks like a job for expect.

For the purposes of this demonstration, I wrote a short script to impersonate the behavior of your openvpn command:

#! /usr/bin/env bash
echo "Wed Apr  1 21:23:28 2020 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4]"
echo "[EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019"
echo "Wed Apr  1 21:23:28 2020 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10"
read -r -p 'Enter Auth Username: ' USERNAME
read -rs -p 'Enter Auth Password: ' PASSWORD

echo
echo "username was $USERNAME"
echo "password was $PASSWORD"

Here's a short expect script that responds to these prompts:

#! /usr/bin/env expect

spawn ./fakevpn --config vpnbook-pl226-udp53.ovpn

expect "Enter Auth Username: " { send Hello\r } # \r is the "return" character.
expect "Enter Auth Password: " { send World\r } # It simulates hitting the Enter key.
expect eof # This ensures expect won't exit until there's no more output.

Here's what the output looks like:

[gnubeard@mothership: ~/vpn]$ ./vpn_expect
spawn ./fakevpn --config vpnbook-pl226-udp53.ovpn
Wed Apr  1 21:23:28 2020 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4]
[EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Wed Apr  1 21:23:28 2020 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Enter Auth Username: Hello
Enter Auth Password:
username was Hello
password was World

Edit: roiama's solution is superior to this one for security reasons. I'll leave this up in case it's helpful for someone trying to figure out how to automate interactive commands.

Improve this answer
1
  • 1
    Thank you very much for spending time and effort to answer my question I've gone with roiama's answer for this scenario (since OpenVPN has a built-in capability of reading credentials through files) Thank you again Commented Apr 1, 2020 at 21:51

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.