Fingerprint reader

From Gentoo Wiki
Jump to: navigation, search
Resources
This article has some todo items:
  • how to enroll a fingerprint for a specific user
  • GNOME/KDE integration and development status of this features
  • Configure PAM to use fprintd

Some laptops (especially those of the ThinkPad persuasion) come with an integrated fingerprint reader which can be used for authentication. Many guide expect the reader to be used in the place of a password. It is highly imperative to note: fingerprint reader technology is not considered to be secure by security experts.[1] Fingerprints should not be substituted for passwords for any device. Passwords can be easily changed; fingers cannot.[2] There are many known techniques to extract fingerprints from the device casing in order to gain access to the system through the fingerprint reader.

With the above paragraph being understood, it is perfectly acceptable to use a fingerprint to identify the user account before signing with key-based authentication.

Available software

Note
The fprint project is probably the most advanced approach to provide a solution for integrating fingerprint readers in Linux - other solutions such as thinkfinger are mostly outdated and do not provide such a general approach as well as fprint.
Name Package Homepage Description
fprint sys-auth/fprintd https://cgit.freedesktop.org/libfprint/fprintd/ fprint consists of several components. The primary being a daemon which provides access to fprint functionality through D-Bus to applications, such as login managers (GDM, KDM, ...), screen locking mechanisms etc.
thinkfinger sys-auth/thinkfinger http://thinkfinger.sourceforge.net/ Support for the UPEK/SGS Thomson Microelectronics fingerprint reader, often seen in ThinkPad laptops.

References