DEV Community

Savchenko Alexander

Cisco AnyConnect on Mac through the terminal with no password

WHYYYY???

Are you tired of endlessly entering your password? Do you hate the ugly GUI? Oh man, I understand you :/

You need 2 scripts, 3 commands to remove the GUI from startup, and 1 command to connect.

How to remove GUI from startup

This command should be enough:

launchctl unload -w /Library/LaunchAgents/com.cisco.anyconnect.gui.plist

If it is not, try these as well:

rm -f /Library/LaunchAgents/com.cisco.anyconnect.vpnagent.plist
rm -f /Library/LaunchDaemons/com.cisco.anyconnect.gui.plist

Script to kill vpn

Create a file and name it vpn_kill.sh

#!/bin/bash
INSTPREFIX="/opt/cisco/anyconnect"
BINDIR="${INSTPREFIX}/bin"
PLUGINDIR="${BINDIR}/plugins"
LIBDIR="${INSTPREFIX}/lib"
PROFDIR="${INSTPREFIX}/profile"
MGMTPROFDIR="${INSTPREFIX}/profile/mgmttun"
SCRIPTDIR="${INSTPREFIX}/script"
HELPDIR="${INSTPREFIX}/help"
KEXTDIR="/Library/Application Support/Cisco/AnyConnect Secure Mobility Client"
APPDIR="/Applications/Cisco"
GUIAPP="Cisco AnyConnect Secure Mobility Client.app"
NWEXT_KDF_APP="Cisco AnyConnect Socket Filter.app"
UNINSTALLER="Uninstall AnyConnect.app"
INITDIR="/System/Library/StartupItems"
INIT="vpnagentd"
LAUNCHD_DIR="/Library/LaunchDaemons"
LAUNCHD_FILE="com.cisco.anyconnect.vpnagentd.plist"
LAUNCHD_AGENT_DIR="/Library/LaunchAgents"
LAUNCHD_AGENT_GUI_FILE="com.cisco.anyconnect.gui.plist"
LAUNCHD_AGENT_NOTIFICATION_FILE="com.cisco.anyconnect.notification.plist"
ACMANIFESTDAT="${INSTPREFIX}/VPNManifest.dat"
VPNMANIFEST="ACManifestVPN.xml"
LOGDIR="/var/log/anyconnect"
UNINSTALLLOG="${LOGDIR}/vpn-close.log"

ANYCONNECT_VPN_PACKAGE_ID=com.cisco.pkg.anyconnect.vpn

# Array of AnyConnect files (not referenced anywhere below in this script)
FILELIST=("${BINDIR}/vpnagentd" \
          "${BINDIR}/vpn_uninstall.sh" \
          "${BINDIR}/anyconnect_uninstall.sh" \
          "${BINDIR}/vpnui" \
          "${BINDIR}/vpn" \
          "${BINDIR}/vpnmgmttun" \
          "${BINDIR}/acinstallhelper" \
          "${BINDIR}/vpndownloader.app" \
          "${BINDIR}/UpdateComponentManifest.json" \
          "${BINDIR}/manifesttool" \
          "${BINDIR}/manifesttool_vpn" \
          "${BINDIR}/SetUIDTool_vpn" \
          "${BINDIR}/Cisco AnyConnect Secure Mobility Client Notification.app" \
          "${BINDIR}/Cisco AnyConnect Web Browser.app" \
          "${INSTPREFIX}/AnyConnectLocalPolicy.xsd" \
          "${INSTPREFIX}/gui_keepalive" \
          "${INSTPREFIX}/OpenSource.html" \
          "${INSTPREFIX}/update.txt" \
          "${INSTPREFIX}/${VPNMANIFEST}" \
          "${LIBDIR}/libacciscossl.dylib" \
          "${LIBDIR}/libacciscocrypto.dylib" \
          "${LIBDIR}/libaccurl.4.dylib" \
          "${LIBDIR}/libboost_filesystem.dylib" \
          "${LIBDIR}/libboost_system.dylib" \
          "${LIBDIR}/libboost_thread.dylib" \
          "${LIBDIR}/libboost_date_time.dylib" \
          "${LIBDIR}/libboost_signals.dylib" \
          "${LIBDIR}/libboost_chrono.dylib" \
          "${LIBDIR}/libvpnagentutilities.dylib" \
          "${LIBDIR}/libvpncommon.dylib" \
          "${LIBDIR}/libvpncommoncrypt.dylib" \
          "${LIBDIR}/libvpnapi.dylib" \
          "${LIBDIR}/libac_sock_fltr_api.dylib" \
          "${LIBDIR}/libacruntime.dylib" \
          "${PLUGINDIR}/libvpnipsec.dylib" \
          "${PLUGINDIR}/libacfeedback.dylib" \
          "${PLUGINDIR}/libacwebhelper.dylib" \
          "${PLUGINDIR}/libvpnapishim.dylib" \
          "${PLUGINDIR}/libacdownloader.dylib" \
          "${PROFDIR}/AnyConnectProfile.xsd" \
          "${MGMTPROFDIR}/AnyConnectProfile.xsd" \
          "${LAUNCHD_DIR}/${LAUNCHD_FILE}" \
          "${LAUNCHD_AGENT_DIR}/${LAUNCHD_AGENT_GUI_FILE}" \
          "${LAUNCHD_AGENT_DIR}/${LAUNCHD_AGENT_NOTIFICATION_FILE}" \
          "${INITDIR}/${INIT}" \
          "${APPDIR}/${GUIAPP}" \
          "${APPDIR}/${UNINSTALLER}" \
          "${KEXTDIR}/acsock.kext" \
          "${INSTPREFIX}/gui_kext.plist")

echo -e "Closing Cisco AnyConnect Secure Mobility Client...\n"

# Create log directory if not exist
if [ ! -d ${LOGDIR} ]; then
  mkdir -p ${LOGDIR} >/dev/null 2>&1
fi

OS_VER_MAJOR=$(sw_vers -productVersion | awk -F. '{ print $1; }')
OS_VER_MINOR=$(sw_vers -productVersion | awk -F. '{ print $2; }')
MYUID=`echo "show State:/Users/ConsoleUser" | scutil | awk '/UID/ { print $3 }'`

# Unload the GUI launch agent if it exists
if [ -e ${LAUNCHD_AGENT_DIR}/${LAUNCHD_AGENT_GUI_FILE} ] ; then 
    echo "Stopping GUI launch agent..." >> "${UNINSTALLLOG}"
    if [ "$OS_VER_MAJOR" -gt 10 ] || [ "$OS_VER_MINOR" -ge 11 ] ; then
        # Use new launchctl subcommand for macOS 10.11 and later
        echo "launchctl bootout gui/${MYUID} ${LAUNCHD_AGENT_DIR}/${LAUNCHD_AGENT_GUI_FILE}" >> "${UNINSTALLLOG}" 
        launchctl bootout gui/${MYUID} ${LAUNCHD_AGENT_DIR}/${LAUNCHD_AGENT_GUI_FILE} >> "${UNINSTALLLOG}" 2>&1
    else
        # Use legacy launchctl subcommand for earlier macOS
        echo "sudo -u #${MYUID} launchctl unload -S Aqua ${LAUNCHD_AGENT_DIR}/${LAUNCHD_AGENT_GUI_FILE}" >> "${UNINSTALLLOG}"
        sudo -u \#${MYUID} launchctl unload -S Aqua ${LAUNCHD_AGENT_DIR}/${LAUNCHD_AGENT_GUI_FILE} >> "${UNINSTALLLOG}" 2>&1
    fi
fi

# ensure that the GUI is not running
OURPROCS=`ps -A -o pid,command | egrep '(Cisco AnyConnect Secure Mobility Client)' | egrep -v 'grep|vpn_uninstall|anyconnect_uninstall' | awk '{print $1}'`
if [ -n "${OURPROCS}" ] ; then
    for DOOMED in ${OURPROCS}; do
        echo Killing `ps -A -o pid,command -p ${DOOMED} | grep ${DOOMED} | egrep -v 'ps|grep'` >> "${UNINSTALLLOG}" 
        kill -INT ${DOOMED} >> "${UNINSTALLLOG}" 2>&1
    done
fi

# Wait one second to allow the GUI to properly close. This hack
# prevents some IPC issues related to trying to close the GUI and agent
# almost simultaneously.
sleep 1

# ensure that the agent, gui and cli are not running - show no mercy
OURPROCS=`ps -A -o pid,command | egrep '(/opt/cisco/anyconnect/bin)|(Cisco AnyConnect Secure Mobility Client)' | egrep -v 'grep|vpn_uninstall|anyconnect_uninstall' | awk '{print $1}'`
if [ -n "${OURPROCS}" ] ; then
    for DOOMED in ${OURPROCS}; do
        echo Killing `ps -A -o pid,command -p ${DOOMED} | grep ${DOOMED} | egrep -v 'ps|grep'` >> "${UNINSTALLLOG}"
        kill -KILL ${DOOMED} >> "${UNINSTALLLOG}" 2>&1
    done
fi

echo -e "Closed\n"
exit 0

Script to connect

Create a file, name it vpn_connect.sh, and put your credentials in it. And READ THE SCRIPT! You may not get the same prompts as I do, so remove the ones you don't need.

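#!/usr/bin/expect

# Credentials are stored here in plain text
set USERNAME "YOUR_VPN_USERNAME"
set PASSWORD "YOUR_VPN_PASSWORD"

# Start the AnyConnect CLI client
spawn /opt/cisco/anyconnect/bin/vpn -s connect vpn-ha.tcsbank.ru

# First prompt: a group selection, the username, or an error
expect {
    "Group: *" {
        send -- "PUT_HERE_YOUR_GROUP\r"
    }
    "Username: " {
        send -- "$USERNAME\r"
    }
    ">> error: " {
        exit
    }
}
# Next prompt: the username (if a group was asked first) or the password
expect {
    "Username: " {
        send -- "$USERNAME\r"
    }
    "Password: " {
        send -- "$PASSWORD\r"
    }
}
# Last prompts: the password (if not sent yet), then "Answer: ".
# At "Answer: " the terminal is handed to the user; typing ++ ends interact.
expect {
    "Password: " {
        send -- "$PASSWORD\r"
        expect {
            "Answer: " {
                interact ++ return
            }
        }
    }
    "Answer: " {
        interact ++ return
    }
}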

AND FINALLY RUN IT!

echo -e "YOUR_SUDO_PASSWORD" | sudo -S ./vpn_kill.sh && ./vpn_connect.sh

Additional note

Just in case, run:

sudo chmod 700 vpn_connect.sh
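
An added example, not part of the original post: a pre-flight check that refuses to proceed unless vpn_connect.sh (which holds the VPN credentials in plain text) is accessible only by its owner, and vpn_kill.sh (which runs under sudo) and its directory cannot be modified by group or other users. The function names are hypothetical; only ls, cut and dirname are used, so it behaves the same on macOS and Linux.

```shell
#!/bin/sh
# Added example: pre-flight checks for vpn_connect.sh and vpn_kill.sh.
# Parses `ls -ld` rather than stat(1), whose flags differ on macOS and Linux.

# mode_bits PATH -> the nine permission characters, e.g. "rwx------"
mode_bits() {
    ls -ld -- "$1" | cut -c2-10
}

# is_private FILE -> 0 if FILE is a regular file (not a symlink), owned by the
# current user, with no group/other permissions at all (mode 700 or 600).
is_private() {
    [ -f "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || return 1
    case "$(mode_bits "$1")" in
        ???------) return 0 ;;
        *)         return 1 ;;
    esac
}

# not_writable_by_others PATH -> 0 if neither group nor other can write PATH
not_writable_by_others() {
    [ -e "$1" ] && [ ! -L "$1" ] || return 1
    case "$(mode_bits "$1")" in
        ????w????|???????w?) return 1 ;;
        *)                   return 0 ;;
    esac
}

# preflight CONNECT_SCRIPT KILL_SCRIPT -> 0 only if both pass
preflight() {
    is_private "$1" || {
        echo "refusing: $1 holds credentials but is not owner-only" >&2
        return 1
    }
    not_writable_by_others "$2" || {
        echo "refusing: $2 runs under sudo but group/other can modify it" >&2
        return 1
    }
    not_writable_by_others "$(dirname "$2")" || {
        echo "refusing: directory of $2 is writable by group/other" >&2
        return 1
    }
    return 0
}

# Usage: preflight ./vpn_connect.sh ./vpn_kill.sh || exit 1
```
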
