[arch-general] Anyone using fprint for authentication ?
thomas at archlinux.org
Sat Mar 1 08:06:28 EST 2008
Alper KANAT schrieb:
> Hey There,
> I want to use my fingerprint scanner to login through GDM and GNOME
> Screensaver... I can do this right now partially... It always asks for
> my password which is maybe secure but annoying at the same time..
> I want to use fingerprint login first and if it fails then I want to use
> password login..
> Any ideas for how to do this ?
> I'm trying this in GNOME Screensaver but it asks for the password
> whenever I slide my finger on the scanner..
There are some shortcomings in PAM and the way it is handled in login
managers. Here is the setup I had with kde (/etc/pam.d/kde):
auth required pam_nologin.so
auth sufficient pam_unix.so
auth sufficient pam_fprint.so
auth required pam_deny.so
account required pam_unix.so
password required pam_unix.so
session required pam_unix.so
session required pam_limits.so
This is all re-done from memory, as I lost the file (don't forget to put
it in NoUpgrade). What happens is the following: If I enter a correct
password, then no fingerprint is required. If I enter a wrong password
(or none, which I did most of the time), it tries to get my fingerprint.
IMO, this is the best compromise, as kdm asks for a password anyway and
only scans the finger after I hit enter, so checking the password first
I guess you can make a similar setup work with gdm. Making kde not ask
for a password at all is not possible though.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 260 bytes
Desc: OpenPGP digital signature
More information about the arch-general