### # # ###### # # # ####### # # # ## ## # # # # # # # # # # # # # # # # # # # # # # # # # # # ###### # # # # # ####### # # # # ####### # # # # # # # # # # # # # # # # ### # # # # # ##### # # # -------------------- | 1. abstract | | 2. dependecies | | 3. parts | | 4. functionality | -------------------- 1. abstract ----------- impauth is a collection of tools that provide improved authentication facilities using data stored on an usbstick. You can store your username and pass and will be logged in automatically. Also encrypted devices will be opened for you. If you want, you can store your complete homedir on the stick and log in on every pc that allows this. impauth also provides a set of configuration-tools. 2. dependencies --------------- impauth's basic layer is only udev-based. Of course, you need ext2fs, too. If you want to use the encryption facilities, you have to have enabled dm_crypt, the aes cipher and loop device support in the kernel and you need the cryptsetup program. 3. parts -------- -the files /etc/udev/rules.d/_impauth.rules and /etc/hotplug.d/usbstick/_impauth.dev These are files for udev that map usbsticks to /dev/usbstick, create symlinks to internal names (such s /dev/sg0...) and do all necessary things if a stick that is suited for impauth is detected. -the programs timpauth,nimpauth,qimpauth,kimpauth and eimpauth These are config tools for impauth. All configuration is done through this. DON'T EDIT THE STICK ITSELF! These programs can also be used to access a encrypted homedir on the stick. The names indicate the interface: -timpauth is text-only -nimpauth uses ncurses -gimpauth " gtkmm -qimpauth " qt -eimpauth " the efl -patches for xdm, gdm, kdm, entrance and agetty 4. functionality ---------------- there are two ways to use impauth (or, more correct, an usbstick edited by one of the ?impauth tools), in local mode or in stand- alone mode. -local mode You can use this stick unly at the pc it was configured (ore on a more or less exactly same configured system). facilities automatic login You can store your username and pass on the stick and become logged in if you insert the stick storing configs in an encrypted file (because of passwords saved there) all ~/.* are saved at a encrypted file at ~, symlinks are created if the stick is inserted problem: this is only useful if done before logging in because otherwise the "local" config will be overridden open encrypted devices impauth can save the passwords and automatically open encrypted devices/files -stand-alone mode You can use the stick on every pc that has impauth and allows this feature, your complete home is stored on the stick facilities additional to those you have in local mode, you can save your complete home on the stick. In this case, it's not reasonable to work with encrypted devices. But you can save the home encrypted, without saving the pass on the stick. This has the following advantage: you can type your pass into a patched dm's entry after inserting the stick. This pass is used to decrypt the home directory on the stick. If this succeeds, you get authenticated, else not.