Comment 2 for bug 255799

Hello Mike,

ThinkFinger and pam-bioapi are indeed ways to get fingerprint support. However, I think we need a more general approach.
If we put the initial wrapping of the mount password in the pam_ecryptfs module, then it will have access to the pam authentication token, whatever that may be (password, fingerprint, smartcard, usb drive...). Then we just need a small pam-aware application for ecryptfs-setup-private to call.
The question is of course what to do when the user wants to use multiple methods of authentication (e.g. sometimes passwords and sometimes fingerprint).

Jeroen