7

I want to connect to a VPN with nmcli. Is there a way to allow me to provide a password to nmcli from the console?

There seem to be ways to store the password in /etc/NetworkManager/system-connections/<connection>, that I don't seem to be able to get working. But I'd prefer not storing passwords in files at all.

On the desktop I enter the password every time, but when I run sudo nmcli con up id MyVPN over SSH, it opens a GUI dialog on the remote desktop asking for my password, which seems like a strange design decision to me. If I had e.g. VNC to the remote desktop, I wouldn't use nmcli...

Community
  • 1
Peter V. Mørch
  • 5,047
  • 3
  • 34
  • 37

2 Answers2

10

Try using the --ask flag:

nmcli --ask con up id MyVPN

I've dropped sudo because it is probably unnecessary (and dangerous).

user437440
  • 101
  • 1
  • 3
  • I just tried `--ask ` which is in Ubuntu 15.04. If I run this from a console over ssh, then the dialog asking for the password *still* appears on the *remote* desktop, not where I can see it in the ssh session. :-( If I had access to the remote desktop, I wouldn't need `nmcli` – Peter V. Mørch Aug 17 '15 at 23:50
  • works for me. @PeterV.Mørch to get this working over ssh i also had to add poltik rules. – rrosa May 06 '16 at 04:27
2

this should work on ubuntu 16.04:

nmcli --ask con up id MyVPN

to get this working over ssh i also had to add rules in

  /etc/polkit-1/localauthority/90-mandatory.d

one called 90-ssh-network-control.pkla with content:

[Network Manager - Control network nmcli]
Identity=unix-user:yourusername
Action=org.freedesktop.NetworkManager.network-control
ResultAny=yes
ResultInactive=yes
ResultActive=yes

and another called 90-ssh-own-network.pkla with the same except for the Action field, replace with:

Action=org.freedesktop.NetworkManager.settings.modify.own

on 14.04LTS the --ask option is not available.

rrosa
  • 408
  • 3
  • 12