search

dlenski / gp-saml-gui

Interactively authenticate to GlobalProtect VPNs that require SAML
GNU General Public License v3.0
293 stars 66 forks source link

Headless solution? #105

Open youknow16 opened 3 weeks ago

youknow16 commented 3 weeks ago

Is there anyway to do this on a headless server? Maybe the program can give a URL for use to open on his computer and paste the result back in the terminal?

dlenski commented 2 weeks ago

You have multiple options here. The most straightforward ones:

  1. Use gp-saml-gui, but then add --authenticate to the OpenConnect command line to only do the authentication phase on the graphical terminal, and then use the authentication token to actually start the connection on the server, as described in https://www.infradead.org/openconnect/manual.html#opt-authenticate

  2. As mentioned in the README here…

    Interactive login is, unfortunately, sometimes a necessary alternative to automated login via scripts such as zdave/openconnect-gp-okta.