LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 11-05-2017, 07:22 AM   #1
iodev
LQ Newbie
 
Registered: Aug 2017
Distribution: Debian
Posts: 2

Rep: Reputation: Disabled
Cool SSH from Linux using your Fingerprint and Android phone!


Hi and hello,
Let me introduce to you the newest SSH security plugin! FiSSH!

FiSSH is a way for you to use an Android phone with a fingerprint reader instead of your old, hard to remember SSH keyphrase.

Did I mention the best part?
The app is licensed GNU General Public License 3.0 and is available at the low price of $0.000 (NOTHING! ZERO!)


Download link:

https://play.google.com/store/apps/d...ch.iodev.fissh

Is it secure?

I take great care to make sure all my products are secure and ready for enterprise usage. The app is totally secure, even on rooted phones! but at the same time accessible and life simplifying!

So no app can extract my SSH keyphrase?

No, not unless you are uncareful and get your phone infected and also click Allow to a piece of malware's request for root, in which case you did it to yourself!

What else will it do?

It'll make you look cool

Enjoy!
 
Old 11-05-2017, 04:13 PM   #2
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware & Android
Posts: 9,551

Rep: Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997
I have a samsung S7 Edge. I tried setting up fingerprinting and gave up, because it is an absolute pita and never worked the same way twice. So I was locking myself out of my own phone - it's that secure:-o.
 
Old 11-06-2017, 02:10 AM   #3
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 10,170
Blog Entries: 7

Rep: Reputation: 2517Reputation: 2517Reputation: 2517Reputation: 2517Reputation: 2517Reputation: 2517Reputation: 2517Reputation: 2517Reputation: 2517Reputation: 2517Reputation: 2517
there was a thread here recently discussing how safe fingerprint reading in consumer devices is.
turns out it is very easy to fake, iirc all you need is a photo of someone's finger.
 
Old 11-06-2017, 02:33 AM   #4
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 3,544
Blog Entries: 3

Rep: Reputation: 1580Reputation: 1580Reputation: 1580Reputation: 1580Reputation: 1580Reputation: 1580Reputation: 1580Reputation: 1580Reputation: 1580Reputation: 1580Reputation: 1580
Quote:
Originally Posted by ondoho View Post
iirc all you need is a photo of someone's finger.
Or some superglue and a gummi bear.

Fingerprints work fine as identifiers, in theory, but the tech is not up to speed yet. However, the bigger problem is that many ecompanies confuse identifier with authentication factor. So using the fingerprint in place of a UID would be fine, in principle. But using the fingerprint in place of a password is not.

That said, the code sound interesting.
 
Old 11-06-2017, 03:29 AM   #5
rokytnji
LQ Veteran
 
Registered: Mar 2008
Location: Waaaaay out West Texas
Distribution: AntiX 17
Posts: 5,588
Blog Entries: 20

Rep: Reputation: 2664Reputation: 2664Reputation: 2664Reputation: 2664Reputation: 2664Reputation: 2664Reputation: 2664Reputation: 2664Reputation: 2664Reputation: 2664Reputation: 2664
Thanks for this.
 
Old 11-06-2017, 11:40 AM   #6
iodev
LQ Newbie
 
Registered: Aug 2017
Distribution: Debian
Posts: 2

Original Poster
Rep: Reputation: Disabled
As it turns out, yes smartphone fingerprint scanners can be fooled, but a hacker would have to invest quite a lot of energy and effort to do so. And 99% of the time, you're not a target.

Last edited by iodev; 11-06-2017 at 11:57 AM.
 
Old 11-06-2017, 12:49 PM   #7
iodev
LQ Newbie
 
Registered: Aug 2017
Distribution: Debian
Posts: 2

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by rokytnji View Post
Thanks for this.
You're welcome!
Please leave a review (on Google Play) if you like it :-)

Last edited by iodev; 11-06-2017 at 12:55 PM.
 
Old 11-06-2017, 12:56 PM   #8
gnashley
Amigo developer
 
Registered: Dec 2003
Location: Germany
Distribution: Slackware
Posts: 4,895

Rep: Reputation: 571Reputation: 571Reputation: 571Reputation: 571Reputation: 571Reputation: 571
ssh from linux, but with QT? Where's the command-line version?
 
Old 11-06-2017, 12:59 PM   #9
iodev
LQ Newbie
 
Registered: Aug 2017
Distribution: Debian
Posts: 2

Original Poster
Rep: Reputation: Disabled
Command line? I don't think that is a good idea, as the app needs to clearly display that you're prompted for authorization on your phone. Don't you use a tilling WM?

You can make a command line version if you want, I for one think it is better so.

Last edited by iodev; 11-06-2017 at 01:14 PM.
 
Old 11-14-2017, 01:22 PM   #10
iodev
LQ Newbie
 
Registered: Aug 2017
Distribution: Debian
Posts: 2

Original Poster
Rep: Reputation: Disabled
Sorry @gnashley.

Last edited by iodev; 11-14-2017 at 01:36 PM.
 
Old 11-24-2017, 12:08 PM   #11
FlinchX
Member
 
Registered: Nov 2017
Distribution: Slackware Linux
Posts: 252

Rep: Reputation: Disabled
Quote:
Originally Posted by Turbocapitalist View Post
Or some superglue and a gummi bear.
Theoretically, horror stories with chopped fingers are possible as well.
 
Old 11-24-2017, 12:50 PM   #12
iodev
LQ Newbie
 
Registered: Aug 2017
Distribution: Debian
Posts: 2

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by FlinchX View Post
Theoretically, horror stories with chopped fingers are possible as well.

Hahahaha

Disclaimer: Sorry, fingerprint auth is not so safe if you're being chased by a psychopath that's gonna chop off your fingers.
Also, gummi-bear requires a mold of your finger, who is gonna make one?
A thief can knock you out and then unlock with your finger. Simple!
 
Old 11-24-2017, 02:39 PM   #13
FlinchX
Member
 
Registered: Nov 2017
Distribution: Slackware Linux
Posts: 252

Rep: Reputation: Disabled
Quote:
Originally Posted by iodev View Post
A thief can knock you out and then unlock with your finger. Simple!
There must be a more pleasant way for sure. A Kunoichi for example. Who uses your finger while you sleep.
 
Old 11-28-2017, 11:19 AM   #14
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3171Reputation: 3171Reputation: 3171Reputation: 3171Reputation: 3171Reputation: 3171Reputation: 3171Reputation: 3171Reputation: 3171Reputation: 3171Reputation: 3171
I have never found a fingerprint-reader that actually worked worth a tinker's dam . . .

I'm certainly never going to rely on it, expecting that it would "lock me out of my own phone."
 
Old 01-25-2018, 05:18 AM   #15
iodev
LQ Newbie
 
Registered: Aug 2017
Distribution: Debian
Posts: 2

Original Poster
Rep: Reputation: Disabled
NEWS! FiSSH has just received an update that prevents MITM attacks. It is now even more safe!
 
  


Reply

Tags
android, linux, ssh


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Fix my android phone with linux v1p3r-R Linux - Mobile 6 12-26-2016 01:59 PM
LXer: Ubuntu Phone to Add Fingerprint Unlocking LXer Syndicated Linux News 0 02-20-2016 03:43 PM
LXer: FIDO-Based Fingerprint Authentication on Android? Early 2014 LXer Syndicated Linux News 0 10-08-2013 04:50 AM
[SOLVED] ssh console from Android phone to Linux desktop SecretCode Linux - Mobile 2 09-17-2012 04:13 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 05:33 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration