search

dlenski / gp-saml-gui

Interactively authenticate to GlobalProtect VPNs that require SAML
GNU General Public License v3.0
305 stars 69 forks source link

Headless solution? #105

Open youknow16 opened 3 months ago

youknow16 commented 3 months ago

Is there anyway to do this on a headless server? Maybe the program can give a URL for use to open on his computer and paste the result back in the terminal?

dlenski commented 3 months ago

You have multiple options here. The most straightforward ones:

  1. Use gp-saml-gui, but then add --authenticate to the OpenConnect command line to only do the authentication phase on the graphical terminal, and then use the authentication token to actually start the connection on the server, as described in https://www.infradead.org/openconnect/manual.html#opt-authenticate

  2. As mentioned in the README here…

    Interactive login is, unfortunately, sometimes a necessary alternative to automated login via scripts such as zdave/openconnect-gp-okta.