Connect to the AWS Client VPN with SAML using OSS Client

d-/aws-vpn-client

aws-vpn-client

This is an updated PoC to connect to the AWS Client VPN with OSS OpenVPN using SAML authentication. Tested on Linux primarily, but should work on OS X.

This is based on samm's repo; you can read their blog post for the implementation details.

This version folds the original shell scripts into a single Go binary.

Content of the repository

  • openvpn-v2.4.9-aws.patch - patch required to build AWS compatible OpenVPN v2.4.9, based on the AWS source code (thanks to @heprotecbuthealsoattac for the link).
  • main.go - a Go wrapper that performs the authentication and handles the double-tap of connecting to the VPN
  • compile-patched-openvpn.sh - bash script to download, patch and compile the OpenVPN client used by the Go tool

How to use

  1. Update openssl: sudo apt-get install libssl-dev
  2. Update lzo: sudo apt-get install libssl-dev liblzo2-dev libpam0g-dev
  3. Build the patched openvpn version using compile-patched-openvpn.sh
  4. Either save your downloaded AWS config as ~/.awsvpn.conf or place it somewhere nice
  5. Compile the Go wrapper: go build
  6. Run the Go tool: ./aws-vpn-wrapper -config 'dev.ovpn' (use the -config argument to point to your conf file if it's not saved as ~/.awsvpn.conf)
  7. This should do the rest from here

Languages

  • Go 94.3%
  • Shell 5.7%