Skip to content
OpenVPN Static password + OTP in ONE STRING | Script
Viscosity Menu Icon Packs, Two-Factor Scripts, & OpenVPN Config Tool
- Posts: 1
- Joined: Sat Jan 28, 2023 4:29 am
Hi,
as long time user of this awesome openvpn app, I've developed a script to make my live easier.
Sometimes the password to login to OpenVPN Server is secured with a tailing otp "StaticPassword+OPT" , but many implementations take the OTP in a separat promt after the password (what may be saved at your keychain!
This script will ask you for the OTP and adds it behind your static password to be provided as one string!
Result: "mysecretpassword124365" -> CONNECT (or hit ENTER) ONLINE
This scrips is using your static password, asking for your OTP to type in and then provides this as a whole string to the login prompt of Viscosity!
Format: StaticPassword+OPT = "mysecretpassword124365"
Note: The password must be provided to the script in cleartext, making it less secure. So store it in a save place on your machine! This can be improved!
How to use:
- use ScriptEditor,Text editor or IDE you like and replace:
- MYUSERNAME
- MYPASSWORD
- SAVE as viscosity-otp-script.scpt ( the ending .scpt is important!)
- ADD the script to your OpenVPN configuration as "Before Connect Script"
( right click your (imported) OpenVPN configuration -> EDIT -> Advanced -> "Before Connect Script" | Select ... ) | SAVE
Now when you connect to your OpenVPN Server, a new dialog will pop up and ask you to provide the OTP!
CONNECT | ENTER = connects you to VPN
close = close the dialog only
quit = quits Viscosity app
Note: quit option was implemented because sometimes the handover of pw+otp can fail. MacOS will prompt the Keychain dialog instead. Then you have to quit and restart Viscosity. If this happens, DO NOT SAVE - it will leave you a faulty entry on your Mac what has to be removed. It usually can happen after connection timeout, network change (switch wifi or such things)).
as long time user of this awesome openvpn app, I've developed a script to make my live easier.
Sometimes the password to login to OpenVPN Server is secured with a tailing otp "StaticPassword+OPT" , but many implementations take the OTP in a separat promt after the password (what may be saved at your keychain!
This script will ask you for the OTP and adds it behind your static password to be provided as one string!
Result: "mysecretpassword124365" -> CONNECT (or hit ENTER) ONLINE
This scrips is using your static password, asking for your OTP to type in and then provides this as a whole string to the login prompt of Viscosity!
Format: StaticPassword+OPT = "mysecretpassword124365"
Note: The password must be provided to the script in cleartext, making it less secure. So store it in a save place on your machine! This can be improved!
How to use:
- use ScriptEditor,Text editor or IDE you like and replace:
- MYUSERNAME
- MYPASSWORD
- SAVE as viscosity-otp-script.scpt ( the ending .scpt is important!)
- ADD the script to your OpenVPN configuration as "Before Connect Script"
( right click your (imported) OpenVPN configuration -> EDIT -> Advanced -> "Before Connect Script" | Select ... ) | SAVE
Now when you connect to your OpenVPN Server, a new dialog will pop up and ask you to provide the OTP!
CONNECT | ENTER = connects you to VPN
close = close the dialog only
quit = quits Viscosity app
Note: quit option was implemented because sometimes the handover of pw+otp can fail. MacOS will prompt the Keychain dialog instead. Then you have to quit and restart Viscosity. If this happens, DO NOT SAVE - it will leave you a faulty entry on your Mac what has to be removed. It usually can happen after connection timeout, network change (switch wifi or such things)).
Code: Select all
tell application "Viscosity"
set username to "MYUSERNAME"
set staticPassword to "MYPASSWORD"
try
set response to display dialog "please put the OTP TOKEN here" default answer "" with title (system attribute "displayName") with icon note buttons {"CONNECT", "close", "quit"} default button "CONNECT"
if button returned of response is "CONNECT" then
return "userpass " & username & " " & staticPassword & (text returned of response)
end if
if button returned of response is "quit" then
tell application "Viscosity"
quit
end tell
end if
end try
return "ViscosityNoConnect"
end tell
Hi Ro Bin-Wan Känobi,
Thanks for your contribution - we always appreciate people taking the time to write up scripts or guides for the forum.
I also recommend taking a look at the "static-challenge-password" command, which should also implement what you're trying to do:
https://www.sparklabs.com/support/kb/ar ... e-password
Cheers,
James
Thanks for your contribution - we always appreciate people taking the time to write up scripts or guides for the forum.
I also recommend taking a look at the "static-challenge-password" command, which should also implement what you're trying to do:
https://www.sparklabs.com/support/kb/ar ... e-password
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Bluesky: https://bsky.app/profile/sparklabs.com
Support: https://www.sparklabs.com/support
Bluesky: https://bsky.app/profile/sparklabs.com
2 posts
Page 1 of 1