dotfiles/scripts/ethz-vpn

#!/usr/bin/env bash

connect() {
    read -sp $'Please enter your Encryption Password: ' encpass
    echo " ==> Connecting"
    TOKEN=$(cat ~/.local/share/ethz-vpn-connect/ethzvpntoken.secret | openssl enc -aes-256-cbc -pbkdf2 -d -a -k $encpass)
    PASSWORD=$(cat ~/.local/share/ethz-vpn-connect/ethzvpnpass.secret | openssl enc -aes-256-cbc -pbkdf2 -d -a -k $encpass)
    USERNAME=$(cat ~/.local/share/ethz-vpn-connect/ethzvpnusername.txt)
    echo $PASSWORD | sudo openconnect -b -u $USERNAME@student-net.ethz.ch -g student-net --useragent=AnyConnect --passwd-on-stdin --token-mode=totp --token-secret=sha1:base32:$TOKEN sslvpn.ethz.ch
    encpass=""
    PASSWORD=""
    TOKEN=""
}

disconnect() {
    sudo killall -v -SIGINT openconnect
    echo " ==> Disconnected"
}

setup() {
    echo 'You are about to overwrite your secrets. Press ctrl + C to cancel.'
    read -p $'Please enter your ETHZ-Username: ' USERNAME
    read -sp $'Please choose and enter your Encryption Password (will be required when launching): ' encpass
    read -sp $'Please enter your ETHZ WLAN (= Radius) Password: ' PASSWORD
    read -sp $'Please enter your ETHZ OTP Secret: ' TOKEN
    mkdir ~/.local/share/ethz-vpn-connect
    echo $PASSWORD | openssl enc -aes-256-cbc -pbkdf2 -a -k $encpass >~/.local/share/ethz-vpn-connect/ethzvpnpass.secret
    echo $TOKEN | openssl enc -aes-256-cbc -pbkdf2 -a -k $encpass >~/.local/share/ethz-vpn-connect/ethzvpntoken.secret
    echo $USERNAME >~/.local/share/ethz-vpn-connect/ethzvpnusername.txt
    encpass=""
    PASSWORD=""
    TOKEN=""
    echo $' ==> Secrets set <==\n'
}

case "$1" in
'connect')
    connect
    ;;
c)
    connect
    ;;
'disconnect')
    disconnect
    ;;
d)
    disconnect
    ;;
dc)
    disconnect
    ;;
setup)
    setup
    ;;
*)
    echo -e 'Usage: ethz-vpn [Option] \n [Option]: \n       connect, c:             Connect VPN \n  disconnect, d, dc:      Disconnect VPN \n setup: set secrets and eth-Username.\n'
    ;;
esac