#GNOME allows you to configure login via #fingerprint on supported devices instead of a password. Security issues aside, this has a bit of a "meh" experience when using the #GnomeKeyring which still requires unlocking via password.
Most OSes I know handle this differently and thus also side-stepping the problem by asking for a login password but allowing you to unlock the screen afterwards using fingerprints. Any GNOME or #PAM experts here who know how to configure something similar?
"Les bombardements sur #Gaza ont détruit plus de 1.000 logements", "au moins 15 établissements d’enseignement ont été touchés", "L' #OMS a recensé 37 attaques sanitaires, 6 morts parmi les travailleurs de la santé, 8 blessés, 13 établissements de santé et au moins 15 ambulances ont été touchés."
"L' #UNRWA a rapporté 11 morts parmi ses employés. L’agence a souligné à plusieurs reprises l’importance de protéger les civils." #Palestine#Israel#ONU#PAM
Ich wollte meinen freien Tag dazu nutzen, meinen #Mac so einzurichten, dass er bei "sudo" Befehlen für die Authentifizierung den TouchID (Fingerabdruck) Sensor verwendet statt mein Passwort abfragt.
Da MacOS wie #linux#PAM verwendet, war die Sache aber sehr schnell erledigt:
Le Programme alimentaire mondial (PAM) est une agence des Nations unies. Le #PAM a du mal à répondre aux besoins croissants d’#aidealimentaire et est confronté à un déficit de financement de plus de 60%, le plus élevé de son histoire. Pour la 1re fois, les contributions au PAM ont diminué, alors que les besoins augmentent. (AFP via Le Monde)
Have you ever wondered how #loginmanagers work on #Linux? What are they up to and how #PAM is involved? I don't know about you, but I was always curious how things are working under the hood.
Just found a nice introduction post on this matter. Check it out, it's great. Code examples are included.
Btw, I think #PAM is an underrated piece of tech. It's pluggable, so you can implement whatever authentication strategy you want. Fingerprint check? Face recognition? You tell me.
But not only this. It can be used beyond login managers. There was one time when I played with alternative authentication for #sudo program. In my case, I wanted to tap on my #YubiKey instead of using password. It proved inconvenient, so I rolled things back, but it's fascinating how easy it was to configure this.
So, some background: my organization is moving from RHEL7 using the UI/Coolkey Smartcard setup for autolock on removal and authenticating to the AD. We are in the process of upgrading to RHEL8 in our Secure Area (which means local only connections with zero internet access). This process has been insanely complicated versus...
Schreibe momentan an einem Artikel zu FIDO2 / U2F Sicherheitsschlüsseln wie SoloKey2, YubiKey5 oder NitroKey3.
Es wird darum gehen wie diese Keys mit standard tools eingerichtet und für Login in Linux oder OpenSSH eingesetzt werden können (am beispiel Fedora Linux). Vielleicht nehme ich auch gleich LUKS decryption mit auf, sonst kommt das hinterher
Habt ihr ein besonderes Interesse bzw. Fragen auf die ich besonderen Wert legen soll?
Smartcard Setup Help-Request for RHEL8 Using Active Directory without IDM
So, some background: my organization is moving from RHEL7 using the UI/Coolkey Smartcard setup for autolock on removal and authenticating to the AD. We are in the process of upgrading to RHEL8 in our Secure Area (which means local only connections with zero internet access). This process has been insanely complicated versus...