Using the Fingerprint Reader

Contents

7.1. Supported Applications and Actions
7.2. Managing Fingerprints with YaST

If your system includes a fingerprint reader, you can use biometric authentication in addition to standard authentication via login and password. After registering their fingerprint, users can log in to the system either by swiping a finger on the fingerprint reader or by typing in a password. openSUSE® supports most available fingerprint readers. For a list of supported devices, please refer to http://reactivated.net/fprint/wiki/Supported_devices.

If the hardware check detects the fingerprint reader integrated with your laptop (or connected to your system), the packages libfprint, pam_fp, and yast2-fingerprint-reader are automatically installed.

Currently, only one fingerprint per user can be registered. The user's fingerprint data is stored to /home/login/.fprint/.

Supported Applications and Actions

The PAM module pam_fp supports fingerprint authentication for the following applications and actions (although you may not be prompted to swipe your finger in all cases):

  • Logging in to GDM/KDM or a login shell

  • Unlocking your screen on the GNOME/KDE desktop

  • Starting YaST and the YaST modules

  • Starting an application with root permission: sudo or gnomesu

  • Changing to a different user identity with su or su - username

[Note]Fingerprint Reader Devices and Encrypted Home Directories

If you want to use a fingerprint reader device, you must not use encrypted home directories (see Kapitel Verwalten von Benutzern mit YaST (↑Referenz) for more information). Otherwise logging in will fail, because decrypting during login is not possible in combination with an active fingerprint reader device.