LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 02-03-2008, 11:52 AM   #1
Blue_Ice
Member
 
Registered: Jul 2006
Location: Belgium
Distribution: Debian, Fedora, CentOS, Windows
Posts: 352

Rep: Reputation: Disabled
pam authentication for keyring with thinkfinger


Hi all,

I need some help. I have been trying to figure out how to set up thinkfinger to log in and grant access to the keyring. I can get thinkfinger running, but after that I need to enter my password to access the keyring. I also was able to log in with a password (not using pam_thinkfinger.so). After that I can log in and get access to my keyring. When I try to combine both the closest I get is that at the log on prompt I have to enter my password, followed by entering my password again or swipe my finger over the scanner.
I read on several pages that this would be a bug in gnome_keyring_pam, but I am not using that (although tried it). I followed the guides I found about this subject, but none really talked about this issue. Does anyone know how I can get to log on with thinkfinger and after that pass the authentication to the keyring by just logging in once? I am using Fedora 8 on a Lenovo Thinkpad T61p. Below you can find my system-auth and gdm.

System-auth:
Code:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      pam_env.so
auth	    sufficient	  pam_thinkfinger.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        requisite     pam_succeed_if.so uid >= 500 quiet
auth        required      pam_deny.so

account     required      pam_unix.so
account     sufficient    pam_localuser.so
account     sufficient    pam_succeed_if.so uid < 500 quiet
account     required      pam_permit.so

password    requisite     pam_cracklib.so try_first_pass retry=3
password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok
password    required      pam_deny.so

session     optional      pam_keyinit.so revoke
session     required      pam_limits.so
session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session     required      pam_unix.so
Gdm:
Code:
#%PAM-1.0
auth     [success=done ignore=ignore default=bad] pam_selinux_permit.so
auth       required    pam_env.so
auth	   optional    pam_keyring.so try_first_pass
auth       include     system-auth
#auth       optional    pam_gnome_keyring.so
account    required    pam_nologin.so
account    include     system-auth
password   include     system-auth
session    required    pam_selinux.so close
session    include     system-auth
session    required    pam_loginuid.so
session    optional    pam_console.so
session    required    pam_selinux.so open
session    optional    pam_keyinit.so force revoke
session    required    pam_namespace.so
session    optional    pam_keyring.so auto_start
#session    optional    pam_gnome_keyring.so auto_start
 
Old 02-25-2010, 08:47 AM   #2
dienal
LQ Newbie
 
Registered: Feb 2010
Posts: 1

Rep: Reputation: 0
Anyone found a solution to this issue

Thanks
 
Old 02-25-2010, 02:24 PM   #3
Blue_Ice
Member
 
Registered: Jul 2006
Location: Belgium
Distribution: Debian, Fedora, CentOS, Windows
Posts: 352

Original Poster
Rep: Reputation: Disabled
Nope, I gave up on it. This was/is a bug in the software. I never tried this again. The only solution I found was very insecure. You needed to store the gnome-keyring password in some file.
 
  


Reply

Tags
keyring, pam


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
pam radius authentication danieldinu Linux - Security 2 07-17-2009 02:56 PM
PAM Authentication Issue SVI Suse/Novell 2 09-27-2007 02:28 PM
VNC with PAM authentication? make Linux - Software 2 06-07-2005 03:45 AM
PAM Pop3 Authentication vijaykcm Linux - Security 3 12-27-2004 12:38 PM
python pam authentication shakeeb Programming 0 09-15-2004 04:57 AM


All times are GMT -5. The time now is 02:40 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration