ThinkFinger and pam-bioapi are indeed ways to get fingerprint support. However, I think we need a more general approach.
If we put the initial wrapping of the mount password in the pam_ecryptfs module, then it will have access to the pam authentication token, whatever that may be (password, fingerprint, smartcard, usb drive...). Then we just need a small pam-aware application for ecryptfs-setup-private to call.
The question is of course what to do when the user wants to use multiple methods of authentication (e.g. sometimes passwords and sometimes fingerprint).
Hello Mike,
ThinkFinger and pam-bioapi are indeed ways to get fingerprint support. However, I think we need a more general approach. setup-private to call.
If we put the initial wrapping of the mount password in the pam_ecryptfs module, then it will have access to the pam authentication token, whatever that may be (password, fingerprint, smartcard, usb drive...). Then we just need a small pam-aware application for ecryptfs-
The question is of course what to do when the user wants to use multiple methods of authentication (e.g. sometimes passwords and sometimes fingerprint).
Jeroen