VPN univr

ubuntu

sudo apt install network-manager-vpnc network-manager-vpnc-gnome

arch

paru networkmanager-vpnc

network manager

yay -S networkmanager-vpnc

add VPN cisco compatible from network manager:

or create /etc/NetworkManager/system-connections/univr.nmconnection (chmod 600 and owned by root)

[connection]
id=univr
uuid=234f1f79-0a96-4be0-991e-75622ead54d0
type=vpn
autoconnect=false
permissions=user:scipio:;
timestamp=1630335537

[vpn]
IKE DH Group=dh2
IPSec ID=univr
IPSec gateway=remote.univr.it
IPSec secret-flags=0
Local Port=0
NAT Traversal Mode=natt
Perfect Forward Secrecy=server
Vendor=cisco
Xauth password-flags=0
Xauth username=xxx
ipsec-secret-type=save
xauth-password-type=save
service-type=org.freedesktop.NetworkManager.vpnc

[vpn-secrets]
IPSec secret=univr
Xauth password=xxx

[ipv4]
method=auto

[ipv6]
addr-gen-mode=stable-privacy
method=auto

[proxy]

bastion (jump box)

~/.ssh/config

    
Host umfa
  Hostname mfa-ssh-srv.univr.it 
  User 01scpsfn29
  ForwardAgent yes

Host ucd
  Hostname cd-www-srv.univr.it
  User 01scpsfn29
  ProxyJump umfa

Host ustage
  Hostname stage-dev.univr.it
  User 01scpsfn29
  ProxyJump umfa

Oppure, al posto di google auth, si può usare keepassxc utilizzando totp e la “secret key”