You are not logged in.
- Topics: Active | Unanswered
#1 2008-06-04 18:16:23
- dschmid
- Member
- Registered: 2008-06-04
- Posts: 4
Problem pam_mount with thinkfinger by gdm login
Hello, i'm a new happy arch user for four days now. I have all things working that are important to me on my IBM x60s. The only thing that i can't solve is that i want to be able to unlock a luks partition on login over gdm with my fingerprint.
Login with my fingerprint in the shell gdm and gnome-screensaver is working perfect. For testing purpose I added this two lines to my /etc/pam.d/gdm file:
auth optional pam_mount.so
session optional pam_mount.so
But with this config I have to enter my passwort twice in gdm and the fingerprint isn't working any more. But the partion mount is ok. So only fingerprint OR password login is possible in my configuration. I have searched hours and hours in google to find a solution using pam_mount with thinkfinger but without success. Is pam_mount able to mount and unlock with biometric data? Because the password for luks had to be the same as the user pass to work.
Hope somebody can help me. I would be nice to unlock the partion and mount some Network shares only with my fingerprint.:P
Or is somebody out there using an similar solution with gnome-keyring or something else to mount shares or do cool things on login with fingerprint.
Any help is apprecheated.
Offline
#2 2008-06-04 18:52:07
- bender02
- Member
- From: UK
- Registered: 2007-02-04
- Posts: 1,328
Re: Problem pam_mount with thinkfinger by gdm login
I wanted to do this as well, and my conclusion was that it's either pam_mount or pam_thinkfinger, not both. Pam_mount wouldn't work with thinkfinger, since it needs the actual password to be passed to in order to unlock. Although it should be possible to just mount with pam_mount (if the mounts are without password protection).
If anyone has a solution, I'd be also happy to hear 
Offline
#3 2008-06-04 22:25:23
- dschmid
- Member
- Registered: 2008-06-04
- Posts: 4
Re: Problem pam_mount with thinkfinger by gdm login
I'm now searching for a solution to use pam-keyring to unlock my gnome-keyring on login. And in there I could have the password to mount my crypted volume. But when I think about it I see no way because one password had to be there in unenrypted plain text or you have to enter it. I'm now searching for a solution to use encryption only with a fingerprint and not with a password (A hash or something). If it's possible to have a encrypted txt file with login credentials for luks samba ssh in it and an autostart script that tries to decrypt that file with my fingerprint entered at gdm or shell. And only when the fingerprint unlocked the file another script mounts my volumes, shares with the login credentials from that file.
I hope there is a way. It would be so awesome.:D
Offline
#4 2008-07-07 07:35:46
- dschmid
- Member
- Registered: 2008-06-04
- Posts: 4
Re: Problem pam_mount with thinkfinger by gdm login
The best solution for me now is to unlock my home partition on login in gdm by typing the password following this gentoo howto with some changes http://gentoo-wiki.com/HOWTO_Encrypt_Yo … _pam_mount
I can use the fingerprintreader to do sudo commands in the shell and to unlock the screensaver after suspend and hibernate. It's not very often that I have to completly restart my laptop and have enter my password:cool:
Offline