[fprint] fprint authentication over ssh
i.gnatenko.brain at gmail.com
Wed Jul 16 05:11:32 PDT 2014
On Sat, Jul 12, 2014 at 3:59 PM, Pavel Herrmann <morpheus.ibis at gmail.com> wrote:
> On Saturday 12 of July 2014 15:35:33 Igor Gnatenko wrote:
>> I have local laptop with finger scanner and have remote server.
>> Can I login over ssh and authorize by fingerprint?
> do you want this as a gimmick, or as a real security feature?
real security feature.
> one way to do this (the gimmicky one) is to have public key auth on ssh, and
> have a program on the laptop that unlocks/decrypts your key only if it gets
> the right fingerprint.
> However, if an attacker were to steal your laptop, he could reverse said
> program to decrypt your private key without needing your fingerptint, so its
> not really any more secure than having a decrypted private key on your laptop
> for real security, you would need to implement the fingerprint matching on a
> secure system (not your laptop)
Can you provide some more info what I want to do. I could implement,
but don't know from what start.
I.e. would be good if I will know all, what I should write. New pam
module or what.
> Pavel Herrmann
More information about the fprint