Home | Content | Search | Navigation | Toolbox | Actions | In other languages

User:Fseidel/veryshort thinkfinger howto

From openSUSE

This is just a very very short and rough HOWTO for thinkfinger.
It is more or less just a documentation how it worked for me (thanks to Timo Hönig btw for this peace of really cool software :-) ).
For more detailed information please have a lookt at the projects site [1].

Contents

[edit]

Supported Hardware

lsusb has to show a Device with ID 0483:2016.

[edit]

What packages to install

You'll need the two packages libthinkfinger and pam_thinkfinger.
For Factory/openSuSE 10.3 there are already recent packages included.
For openSuSE 10.2 i'd use those here from Timo [2].

[edit]

How to setup

First i'd test if communication with the fingerprintreader works and use the --acquire and --verify functions from tf-tool. So, first you use tf-tool --acquire which will ask for three swipes of your finger over the reader and afterwards will save the fingerprint to the file /tmp/test.bir. Next you use tf-tool --verify which again asks (for just one) swipe of the same finger and will report if the fingerprint was recognized. The file /tmp/test.bir may of course be deleted after this test was successfull. Such a session could look like this: 

geekmachine:~ # tf-tool --acquire

ThinkFinger 0.2.3 (http://thinkfinger.sourceforge.net/)
Copyright (C) 2006, 2007 Timo Hoenig <thoenig@suse.de>

Initializing... done.
Please swipe your finger (successful swipes 3/3, failed swipes: 0)... done.
Storing data (/tmp/test.bir)... done.
d185:~ # tf-tool --verify

ThinkFinger 0.2.3 (http://thinkfinger.sourceforge.net/)
Copyright (C) 2006, 2007 Timo Hoenig <thoenig@suse.de>

Initializing... done.
Please swipe your finger (successful swipes 1/1, failed swipes: 0)... done.
Result: Fingerprint does match.
geekmachine:~ #

(the counting of how many swipes were successful and how many were not will show in the very same line (the line itself is updated) .. wasn't that visible to me in the very first place)


Afterwards you'll probably want to enable the pam module for beeing able to use the fingerprint reader for your daily work. For this you'll need to edit /etc/pam.d/common-auth and add the line 

     auth     sufficient     pam_thinkfinger.so

just before the line 

     auth     required      pm_unix2.so

so your file should probably look like this: 

#%PAM-1.0
#
# This file is autogenerated by pam-config. All changes
# will be overwritten.
#
# Authentication-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authentication modules that define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
# traditional Unix authentication mechanisms.
#
auth    required        pam_env.so
auth    sufficient      pam_thinkfinger.so
auth    required        pam_unix2.so

The last step will be to (again acquire and) save your fingerprint for the pam module via tf-tool --add-user LOGIN-NAME for each user you want to be able to login via fingerprint. So, e.g. to enable the fingerprint for the users root and tuxbox you'd have the following session: 

geekmachine:~ # tf-tool --add-user root

ThinkFinger 0.2.3 (http://thinkfinger.sourceforge.net/)
Copyright (C) 2006, 2007 Timo Hoenig <thoenig@suse.de>

Initializing... done.
Please swipe your finger (successful swipes 3/3, failed swipes: 0)... done.
Storing data (/etc/pam_thinkfinger/root.bir)... done.
d185:~ # tf-tool --add-user tuxbox

ThinkFinger 0.2.3 (http://thinkfinger.sourceforge.net/)
Copyright (C) 2006, 2007 Timo Hoenig <thoenig@suse.de>

Initializing... done.
Please swipe your finger (successful swipes 3/3, failed swipes: 1)... done.
Storing data (/etc/pam_thinkfinger/tuxbox.bir)... done.
geekmachine:~ #

Thats all..

[edit]

What works and what not

Login on console or via commandline tools works just fine. You'll from now on be prompted to enter password or swipe finger (and of course both will just work). E.g. like this: 

tuxbox@geekmachine:~> su
Password or swipe finger:
geekmachine:/home/tuxbox #

As of now (sorry to say this, but.. ) only gnome tools (gdm, gnomesu, gnomes screensaver) seem to work with this and KDE currently does not.

If you change the order in /etc/pam.d/common.auth so that it looks like 

auth    required        pam_env.so
auth    sufficient      pam_unix2.so
auth    sufficient      pam_thinkfinger.so

it'll work in that way that you have to enter an empty password in the kde-screensaver-window and then stripe the finger... The only response that you'll get is an error-message if it fails or simply your unlocked desktop.

An authentication on a KDE-loginwindow is still not working.

Retrieved from "http://en.opensuse.org/User:Fseidel/veryshort_thinkfinger_howto"
The content on this and other wiki pages is posted by community members who are not acting for or on behalf of Novell, Inc., whether or not they otherwise have affiliation with Novell.
This site uses the YAML CSS framework.
About openSUSE | Disclaimers | Feedback
This page was last modified 06:35, 8 May 2007. This page has been accessed 2,172 times.

Founded by Novell