Login to gdm or console by key on usb stick

From Bitbull Wiki
Jump to navigation Jump to search

i tested this on fc6 and centos5

get the package and install it

wget http://download.fedora.redhat.com/pub/fedora/linux/extras/6/SRPMS/0.3.3-6.fc6.src.rpm
rpm -Uhv pam_usb-*src.rpm
rpmbuild -ba /usr/src/redhat/SPECS/pam_usb.spec
rpm -Uhv /usr/src/redhat/RPMS/i386/pam_usb-*.i386.rpm

generate a key

usbadm keygen [/path/to/mounted/usbmemorystick] [username] [bits]

configure pam for local console and gdm auto login

vi /etc/pam.d/system-auth

auth        required      pam_env.so
auth        sufficient    pam_usb.so allow_remote=1 fs=vfat check_device=-1 check_if_mounted=-1 force_device=/dev/sdb1 log_file=/var/log/pam_usb.log
auth        sufficient    pam_unix.so nullok try_first_pass
auth        requisite     pam_succeed_if.so uid >= 500 quiet
auth        required      pam_deny.so