The goal of the project is to ease the pain of using snx on OSX. It's built on top of the official executable which is installed in the Homebrew Cellar. I extracted the steps from the official installer.
- Install homebrew (http://brew.sh).
- Add my tap using
brew tap felin-arch/brew. - Install using
brew install snx. - During the install it'll ask for 3 things, the
serveryou will use it with, theusernameyou will use, the name of thekeychain itemwhich holds the password. - Once installed initiate a manual connection to verify the certificate.
- Upon the first usage of
cpupyou will need to enable it to access the Keychain item holding the password.
- It installs the snx executable and sets the correct privileges (4775) on it. The setuid bit is required by snx. Brew defaults to 555. The 775 is needed to keep brew quiet.
- It installs the CAverify app under /etc/snx. This is required by the snx executable to remember the CA root.
- It installs 3 apps to the users Applications folder so they can be used from Spotlight:
cpupto connect,cpstatto check the status,cpdownto disconnect (feel free to check the source of these using OSX's Automator app).
- Launch
Keychain Accessvia Spotlight. - Select the
loginkeychain andPasswordscategory. - Select the small
+button on the bottom. - Fill in the name of the item. This will need to match the one given during the install process!
- Set an account name and password. The account name is not used by the scripts.
- terminal-notifier (also available via brew)
- Make sure you can initiate a connection from the CLI (
snx -s [SERVER] -u [USERNAME]). - Make sure the Keychain item is accessible by the
securitybinary. - If all else fails, try to reinstall with
brew install snx.