Difference between revisions of "Fprint"

From ArchWiki
Jump to: navigation, search
Line 39: Line 39:
== Login configuration
== Login configuration
Modify the auth section of /etc/pam.d/login to this
auth      required pam_env.so
auth      sufficient  pam_fprint.so
auth      sufficient  pam_unix.so try_first_pass likeauth nullok
auth      required pam_deny.so

Revision as of 09:53, 2 December 2010

This template has only maintenance purposes. For linking to local translations please use interlanguage links, see Help:i18n#Interlanguage links.

Local languages: Català – Dansk – English – Español – Esperanto – Hrvatski – Indonesia – Italiano – Lietuviškai – Magyar – Nederlands – Norsk Bokmål – Polski – Português – Slovenský – Česky – Ελληνικά – Български – Русский – Српски – Українська – עברית – العربية – ไทย – 日本語 – 正體中文 – 简体中文 – 한국어

External languages (all articles in these languages should be moved to the external wiki): Deutsch – Français – Română – Suomi – Svenska – Tiếng Việt – Türkçe – فارسی


From http://reactivated.net/fprint/wiki/Pam_fprint

"pam_fprint is a simple PAM module which uses libfprint's fingerprint processing and verification functionality for authentication. In other words, instead of seeing a password prompt, you're asked to scan your fingerprint."

The idea is to use the built-in fingerprint reader in some notebooks for login using PAM. I will also explain how to use regular password for backup login method (solely fingerprint scanner is not recommended due to numerous reasons).


First, make sure you have one of the supported finger scanners. http://www.thinkwiki.org/wiki/Integrated_Fingerprint_Reader gives a list of supported devices. To check which one you have, type

$ lsusb

You need to install pam and libfprint. In my case PAM was already installed.

# pacman -S pam libfprint


Once you made sure your reader is supported, you are good to go

# pacman -S pam_fprint



This is the tricky part. By defaut, only root has access to the device. You can create a signature from sudo, but then you can only use it for root user. After digging at the Ubuntu forums I found out the following solution which worked for me.

1. If the group plugdev doesn't exist (didn't for me), create it

2. Add yourself to the group

# gpasswd -a USER plugdev

3. Allow USB access

# chgrp -R plugdev /dev/bus/usb/

== Login configuration

Modify the auth section of /etc/pam.d/login to this

auth       required pam_env.so
auth       sufficient   pam_fprint.so
auth       sufficient   pam_unix.so try_first_pass likeauth nullok
auth       required pam_deny.so