how to make ocserv do totp 2FA?

Kevin Cernekee cernekee at gmail.com
Mon May 18 13:13:54 PDT 2015


On Mon, May 18, 2015 at 12:52 PM, Wang Jian <larkwang at gmail.com> wrote:
> With this setup, Cisco anyconnect android client will ask username, password and
> password again. If all information is correct, the vpn connection is established
> successfully.
>
> But OpenConnect android client will fail immediately after prompting
> for and get first
> password. According to log, I think it's because OC android client
> uses first password
> directly for second prompt, and fails.

I don't think it will resubmit your password automatically unless
batch mode was enabled.

BTW you'll probably want to make sure something in the login form
(e.g. the password prompt) distinguishes between the alphanumeric
password entry and the OTP entry.  Both for user interaction reasons,
and because OpenConnect wants to be able to uniquely identify each
form field in order to save passwords locally.



More information about the openconnect-devel mailing list