Linux client login script question

[user359]

My VPN releases all details needed in .ovpn files. There are about 83 .ovpn files(servers) so far. I use network-manager-openvpn (gui) most of the time to connect.
There are times when network manager does not automatically reconnect or there are new servers added, I want to use a script to automatically read all ovpn files and let me select one.

I tried to find a way to store username and password without editing ovpn files. It all was beyond me.
I'd like to find a better way to do this for my purposes but here is what I did.

ovpnstart.sh (to call ovpnlist.sh with sudo so I only have to enter user OS password once)

Code: Select all

cd <to directory with ovpn & scripts> #So I no longer have to use full path in ovpnlist.sh
sudo <to directory with ovpn & scripts>/ovpnlist.sh

ovpnlist.sh (must be in same directory as all .ovpn files)

Code: Select all

#!/bin/bash

sed -i 's/auth-user-pass$/auth-user-pass ovpnp/g' *.ovpn # $ is to detect new line. Adds password file (ovpnp) to all .ovpn files

printf '\033[8;54;130t' #Resize terminal window to fit all servers. 54 is lines height, 130 is lines width

echo "Enter the number of the vpn you want to connect to"
echo "Ctrl+C to pick a new server. Press Enter to relist servers"
echo "Press Ctrl+C twice to exit"
echo " "

select FILENAME in *;
do
     echo "Selected $FILENAME ($REPLY)"
     sudo openvpn "$FILENAME"
done

ovpnp (must be in same directory as all .ovpn files)

Code: Select all

yourusername
yourpassword

The output is a numbered file list of .ovpn files.
I know it's not the most secure way to do things.

I'm using Ubuntu and my linux foo is weak.

[user359]

I a little bit because I needed to;
- select any server from a big list of ovpn files
- switch to any server whenever
- update all servers by replacing with new set of ovpn files frequently
- easy to adapt for use of script on other machines (copy & paste whole directory with script and ovpn files)


Is there a better way? Anyone seen/have a script for something like this for openvpn?
I'm also not happy about editing /etc/sudoers


I get the feeling there must be something better out there because debian variants and probably other distros don't allow you to easily add a huge list of ovpn files. You can only enter them manually which takes forever.

I've looked but all I get is how to set up a server. This is very frustrating.


ovpnlist.sh (script, sound file, ovpn files and user/pass file are all in config dir)

Code: Select all

#!/bin/bash
cd "$(dirname "$0")"
#Set working directory to script directory
#Added after adding "baka ALL=(ALL) NOPASSWD: /home/baka/VPN/config/opvnlist.sh" to /etc/sudoers so system password not needed. Otherwise sudo needed to run ovpnlist.sh

sed -i 's/auth-user-pass$/auth-user-pass ovpnp/g' *.ovpn
#$ is to dectect new line. Adds user/pass file(ovpnp) to all ovpn files (safer than command line option)

printf '\033[8;54;170t'
#Resize terminal window. 54 is lines height, 170 is lines width

echo "Ctrl+C to pick a new server."
echo "Press Ctrl+C twice to exit"
sudo openvpn --script-security 2 --config au11.vpn.com.udp1194.ovpn --up /etc/openvpn/update-resolv-conf --down /etc/openvpn/update-resolv-conf --auth-retry nointeract

xdotool search --class "terminal" windowactivate %@
#Window to foreground on disconnect

mpg123 -g 20 retro_game_jingle.mp3 &
select FILENAME in *udp.ovpn;
do
     echo -e "\033[31m Selected $FILENAME ($REPLY) \033[30m"
     sudo openvpn --script-security 2 --config "$FILENAME" --up /etc/openvpn/update-resolv-conf --down /etc/openvpn/update-resolv-conf --auth-retry nointeract
     echo -e "\033[31m Closing $FILENAME ($REPLY) \033[30m"
     sleep 1
     killall openvpn
     xdotool search --class "terminal" windowactivate %@
     mpg123 -g 20 retro_game_jingle.mp3 &
     echo "Press Enter to relist servers."
     echo "Enter the number of the vpn you want to connect to"
     echo "Ctrl+C to pick a new server or exit"
done

[d2t93y7c]

I a little bit because I needed to;
- select any server from a big list of ovpn files
- switch to any server whenever
- update all servers by replacing with new set of ovpn files frequently
- easy to adapt for use of script on other machines (copy & paste whole directory with script and ovpn files)


Is there a better way? Anyone seen/have a script for something like this for openvpn?
I'm also not happy about editing /etc/sudoers

I get the feeling there must be something better out there because debian variants and probably other distros don't allow you to easily add a huge list of ovpn files. You can only enter them manually which takes forever.

openvpn-switcher is what you're looking for: https://gitlab.freedesktop.org/2A4U/openvpn-switcher

Switching servers is done with ctrl+c and then typing nswitch. Servers are switched in order by *.ovpn modified date. To use a newly downloaded *.ovpn file, restart from the beginning of the list with "nswitch restart" or else nswitch will use the next *.ovpn in queue if nswitch is already cycling through *.ovpn files.