Joined: 28 Nov 2004
|Posted: Thu Oct 01, 2015 2:21 pm Post subject: Thinkpad finger print reader setup
it is a security topic so I post it here, but don't know if it is the most correct forum.
I want to use it essentially for a nice login and for unloking the screen or such stuff.
I installed .
Calibration worked too and the hardware works. My problem is the setup.
If I do a login console, I need to enter the username first, then "scan" instead of the password. I noticed, the same fingerprint is used both for "root" and for my own user. Fine enough.
If I use sudo, I too get asked for:
|Scan right index finger on UPEK TouchStrip
Which is kind of nice.
I configured pam in:
|/etc/pam.d/cat system-auth |
auth sufficient pam_fprint.so
What is not working?
xlock Although in various forums I read that it should work, including xlockmore page. But in my case scanning does not work. perhaps it is not picking up PAM? However I have xlockmore compiled with pam.
remote usage This is the most annoying. If I login remotely to my computer (telnet, ssh) and issue "sudo" I get asked to scan the fingerprint! that is really not nice.
perhaps I should move things in another place? suggestions? I'd like that when using sudo using telnet/ssh.
Even if "sufficient" I cannot skip scanning the fingerprint with a ctrl-c/ctrl-d.
Can I configure things so that fingerpritn is not used for sudo?
My "xlock" in pam.d contains:
|auth include system-auth |
so it should work. xlockmore perhaps doens't use pam.d/xlock?
Unix is user friendly. It is only careful selecting its friends.