Skip to content

TanguyLeMo/HTWG_VPN_LINUX

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
.env.example
.env.example
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
ReadMe.md
ReadMe.md
 
 
connecttovpn.sh
connecttovpn.sh
 
 
getotp.py
getotp.py
 
 
openvpncommands.txt
openvpncommands.txt
 
 

Repository files navigation

HTWG VPN Connect Script (Linux)

This Bash script automates connecting to the HTWG Konstanz VPN (OpenVPN with MFA / OTP). It combines your password with a time-based one-time password (TOTP) generated by Python — all in a single command.

Disclaimer

The current version stores the password and user as env variable on the system. This is considered not safe. Use this script on one's own responsibility. Feel free to implement an own version with a secured password-manager.

Project Structure

vpn-connect/
├── connecttovpn.sh                 -> Main script (executes the VPN connection)
├── getotp.py              -> Python script that generates the OTP from your TOTP secret
└── vpn_log.txt            -> Log file for errors and debug output

Requirements

  • OTP secret The OTP secret is provided by the HTWG IT department via QR code. For this script, you need the string representation of the secret. You can extract it using tools like extract_otp_secrets.

  • OpenVPN

  • Linux system e.g. Ubuntu, Fedora, Arch, etc. (In theorie MacOs shall also work. This though has not been tested by me, since I have no MacOs instance)

  • Python 3.x with the pyotp package installed:

    To keep dependencies isolated, you can use a virtual environment:

    python3 -m venv .venv
source .venv/bin/activate

    Then install package pyotp

    pip install pyotp

  • Access to the configuration file HTWG-MFA-[current_semester]-STUD.ovpn (provided by HTWG → Link)

Environment Variables

The script uses three environment variables for your credentials and the OTP secret:

export VPN_USER="your.htwg.username"
export VPN_PASS="your_htwg_account_password"
export HTWG_TOTP_SECRET="SECRET_FROM_MFA_APP"

Tip: You can add these lines to your .env or ~/.bashrc file to have them loaded automatically on startup.

Usage

  1. Make the script executable:

    chmod +x connecttovpn.sh

  2. Run the script:

    ./connecttovpn.sh
    • If not run as root, it will automatically restart with sudo.
    • The OTP is generated by getotp.py.
    • The OpenVPN connection is established in the same step.

How It Works

  1. Checks for root privileges → if not, restarts with sudo.

  2. Resolves paths relative to the script directory (even when called via symlink).

  3. Generates the OTP using the Python script:

    python3 getotp.py $HTWG_TOTP_SECRET

  4. Combines the password and OTP, writes a temporary auth.txt file.

  5. Starts OpenVPN with:

    openvpn --config HTWG-MFA-SOSE25-STUD.ovpn --auth-user-pass <(echo -e "$VPN_USER\n$VPN_PASS$OTP")

  6. Logs any errors to vpn_log.txt.

Debugging

If something goes wrong:

cat vpn_log.txt

Common issues:

  • Incorrect HTWG_TOTP_SECRET
  • Missing pyotp installation
  • openvpn not found in PATH
  • Configuration file not found or in wrong directory

Example

export VPN_USER="mmuster"
export VPN_PASS="SuperSecure123"
export HTWG_TOTP_SECRET="JBSWY3DPEHPK3PXP"
./connecttovpn.sh

Optional: Create a Symlink

Create a symlink

Execute this command while being in this repo.

sudo ln -s $PWD/connecttovpn.sh /usr/local/bin/htwgvpn

This way, you can keep your script in its project folder but still run it globally:

htwgvpn

About

Serves as a little helper for the HTWG_VPN to simplify connection

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages