Setting up PAM with USB

pam_usb (active fork of the original repo) provides hardware authentication for Linux using ordinary USB Flash Drives.

It works with any application supporting PAM, such as su and Display manager.

Install pam_usb package from AUR.

Set up devices and users:

sudo pamusb-conf --add-device Credentials
sudo pamusb-conf --add-user $(whoami)

Note that Credentials can be any arbitrary name you would like.

Test the configuration using pamusb-check faz.

Set up the PAM module in /etc/pam.d/system-auth:

The default PAM configuration file should include the following line:

auth    [success=2 default=ignore]    pam_unix.so try_first_pass nullok_secure

Change it to:

auth    sufficient                    pam_usb.so
auth    [success=2 default=ignore]    pam_unix.so nullok_secure

Now you should be able to authenticate with the relevant USB device plugged-in.

$ sudo su
* pam_usb v.SVN
* Authentication request for user "root" (su)
* Device "MyDevice" is connected (good).
* Performing one time pad verification...
* Verification match, updating one time pads...
* Access granted.

FAZuH's Notes

Setting up PAM with USB

Recent Notes

index

tugas-kelompok-2_202510301543

mathstat7.5

theorem-neyman-theorem_202508052229

theorem-central-limit-theorem_202509190924

Graph View

Backlinks