If your VPN client office using forticlient, you might want to run your VPN client with only command line, so you don’t have to see the small window just for connect your servers from home. With this bash script you can run your forclient VPN client only with CLI. GUI is for loosers.
Install expect first if you’re using ubuntu.
$ sudo apt-get install expect
Then copy this script below and save it. Inside the script there are some variables like username, password, host, port, that you need to fill.
#!/bin/bash # Forticlient SSL VPN Client launching script utilizing expect. FORTICLIENT_PATH="/your-path-to-forticlient/64bit/forticlientsslvpn_cli" # VPN Credentials VPN_HOST="yourVPNHost:YourPort" VPN_USER="yourVPNUser" VPN_PASS="enter-your-pass-here" if [[ $EUID -ne 0 ]]; then echo "This script must be run as root" exit 1 fi if [ -z "$FORTICLIENT_PATH" ]; then FORTICLIENT_PATH=`uname -r | grep -q 64 && echo $(locate forticlientsslvpn_cli | grep 64bit) || echo $(locate forticlientsslvpn_cli | grep 32bit)` if [ ! -f $FORTICLIENT_PATH ]; then echo "Tried to locate Forticlient SSL VPN Cli binary, but failed." echo "Specify it at variable FORTCLIENT_PATH" exit 1 fi echo "Located Forticlient VPN Client at: $FORTICLIENT_PATH" fi echo "Killing previous instances of Forticlient SSL VPN client..." killall -9 $(basename $FORTICLIENT_PATH) 2> /dev/null cat << EOF > /tmp/expect #!/usr/bin/expect -f match_max 1000000 set timeout -1 spawn $FORTICLIENT_PATH --server $VPN_HOST --vpnuser $VPN_USER --keepalive expect "Password for VPN:" send -- "$VPN_PASS" send -- "\r" expect "Would you like to connect to this server? (Y/N)" send -- "Y" send -- "\r" expect "Clean up..." close EOF chmod 500 /tmp/expect /usr/bin/expect -f /tmp/expect rm -f /tmp/expect
After you saved the script, let’s try to run it with sudo mode:
$ sudo vpn.sh &
- Setup SSH key passphrase only ask once
- Arcanist cheatsheet
- Install redshift on ubuntu 14..04
- SSH tunneling to your secured database/RDS through bastion/jump server with forwarded port
- Create partition in Linux that size larger than 2TB
- Add permanent swap & mount point to fstab
- SSH tunneling to your secured server through bastion/jump server with forwarded port