Re: vpnclient...
Re: vpnclient...
- Subject: Re: vpnclient...
- From: Stephen Jonke <email@hidden>
- Date: Thu, 24 Jul 2003 15:10:18 -0400
Keep in mind that by using echo to enter the password your password
will be visible in plain text by anyone who can access the machine
either remotely or directly via a simple ps command at the command
line. Try it yourself and you'll see. Also there's the obvious security
risk of having the password in the script. A much better approach is to
use the keychain to enter the password into the active terminal window.
It's a hack, but it's more secure. Below is the script object I use to
connect and disconnect from the VPN. Copy and paste it into your
script. You use it by writing:
tell VPN to connect()
and
tell VPN to disconnect()
NOTE: again, this is an ugly-ish hack. It requires the beta GUI
scripting software available from Apple. Also, before using this you
must manually enter the "CiscoVPN" entry into your keychain. Do this
via the "Keychain Access" application in your utilities folder. Give
your password entry the name "CiscoVPN". Also your VPN's prompts might
be different, so you may need to modify the script to watch for the
correct strings. Lastly, I never once claimed it was reliable. :)
I have this inside a script that also keeps an eye on the connection
and if the connection is lost it automatically reconnects to the VPN.
Nifty, but even more of a hack. :) Hopefully this script doesn't get
too mangled via email....
Steve
-- script object for connecting and disconnecting the VPN
script VPN
on connect()
tell application "Terminal"
close (every window whose custom title contains "CiscoVPN")
activate
tell application "Keychain Scripting"
tell keychain 1
unlock
set theKey to first key whose name is "CiscoVPN"
set theUsername to (account of theKey) as string
set thePassword to (password of theKey) as string
end tell
end tell
do script "/usr/local/bin/vpnclient connect CiscoVPN user " &
theUsername
delay 4 -- seconds
tell (first window whose custom title is "/usr/local/bin/vpnclient
connect CiscoVPN user " & theUsername
--
repeat 60 times
if contents of it contains "Username [" & theUsername & "]:" then
tell application "System Events"
keystroke return
end tell
exit repeat
end if
delay 1 -- seconds
end repeat
repeat 20 times
if contents contains "Password []:" then
tell application "System Events"
tell process "Terminal"
keystroke thePassword & return
set thePassword to null
end tell
end tell
exit repeat
end if
delay 1 -- seconds
end repeat
repeat 60 times
if contents contains "Do you wish to continue? (y/n):" then
tell application "System Events"
tell process "Terminal"
keystroke "y" & return
end tell
end tell
exit repeat
end if
delay 1 -- seconds
end repeat
set connected to false
repeat 60 times
if contents contains " is secure." then
set connected to true
exit repeat
else if contents contains "Your VPN connection has been
terminated" then
close
exit repeat
end if
delay 1 -- seconds
end repeat
if connected then
set name to "CiscoVPN"
set miniaturized to true
return 1
else
display dialog "VPN connection attempt failed. Try again?" buttons
{"Quit", "Try Again"} default button "Try Again"
if button returned of result is "Quit" then
close
return -1
else
close
return 0
end if
end if
end tell
--
end tell
end connect
on disconnect()
do shell script "/usr/local/bin/vpnclient disconnect || echo"
repeat 60 times
if (do shell script "/usr/local/bin/vpnclient stat tunnel || echo")
contains " while connected" then
exit repeat
end if
delay 1 -- second
end repeat
delay 5
tell application "Terminal"
tell window "CiscoVPN VPN" to close
end tell
end disconnect
end script
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.
| References: | |
| | >vpnclient... (From: David Crowe <email@hidden>) |