Managing Fingerprints with YaST

Procedure 7.1. Enabling Fingerprint Authentication

You can only use biometric authentication if PAM is configured accordingly. Usually, this is done automatically during installation of the packages when the hardware check detects a supported fingerprint reader. If not, manually enable the fingerprint support in YaST as follows:

  1. Start YaST and select Hardware+Fingerprint Reader.

  2. In the configuration dialog, activate Use Fingerprint Reader and click Finish to save the changes and close the dialog.

Now you can register a fingerprint for various users.

Procedure 7.2. Registering a Fingerprint

  1. In YaST, click Security and Users+User Management to open the User and Group Administration dialog. A list of users or groups in the system is displayed.

  2. Select the user for whom you want to register a fingerprint and click Edit.

  3. On the Plug-Ins tab, select the fingerprint entry and click Launch to open the Fingerprint Configuration dialog.

  4. YaST prompts the user to swipe his finger until three readable fingerprints have been gathered.

  5. After the fingerprint has been acquired successfully, click Accept to close the Fingerprint Configuration dialog and the dialog for the user.

  6. If you also want to use fingerprint authentication for starting YaST or the YaST modules, you need to register a fingerprint for root, too.

    To do so, set the filter in the User and Group Administration dialog to System Users, select the root entry and register a fingerprint for root as described above.

  7. After you have registered fingerprints for the desired users, click Finish to close the administration dialog and to save the changes.

As soon as the user's fingerprint has been successfully registered, the user can choose to authenticate with either fingerprint or password for the actions and applications listed in Section 7.1, “Supported Applications and Actions”.

Currently, YaST does not offer verification or removal of fingerprints, but you remove fingerprints by deleting the directory /home/login/.fprint.

For more technical details, refer to http://reactivated.net/fprint/.