0

In terraform, I'm trying to automatically execute a command (start up openvpn) in bash that requires a username input, and password as input on the second line.

The problem is similar to what is described here, How to run sudo commands in terraform? ...but in my case, I need to pipe both a username and password, and I'm not sure how to do it with both.

echo openvpnas && echo password | openvpn --config ./client.ovpn

open vpn asks for a username and password, at this point, but I can't figure out how to enter both in a script.

[user@workstation openvpn_config]$ sudo openvpn --config ./client.ovpn
[sudo] password for user: 
Wed Jan 16 12:08:41 2019 OpenVPN 2.4.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec  5 2018
Wed Jan 16 12:08:41 2019 library versions: OpenSSL 1.0.2k-fips  26 Jan 2017, LZO 2.06
Enter Auth Username:openvpnas
Enter Auth Password:
openCivilisation
  • 796
  • 1
  • 8
  • 25

1 Answers1

1

You can have local-exec create a username / password file if you're using vault or something else to grab the credentials on the fly. Then provide the --auth-user-pass up argument to read the file, then have local-exec remove the file.

--auth-user-pass [up]

Authenticate with server using username/password. up is a file containing username/password on 2 lines. If the password line is missing, OpenVPN will prompt for one. If up is omitted, username/password will be prompted from the console.

The server configuration must specify an --auth-user-pass-verify script to verify the username/password provided by the client.

Source: https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage

SomeGuyOnAComputer
  • 5,414
  • 6
  • 40
  • 72