google summer of code
ness
e_mc_h2 at web.de
Fri Jun 3 18:09:58 UTC 2005
Hm, pam_usb looks interesting. But there are some things I don't like:
-you have to enter your username first
-It's pam based - some guys don't like this
-It looks too big for something simple at all
-I think pam isn't the right place to do sth. like that, because it only
authenticates. It can't do any additional things like open an encrypted
device or so
But pam has some nice things that make it a goog place for sth.:
-much applications use it, so there're no patches needed at all
-it really does the authentication, so you don't need to safe the real
pass on the usbstick and can work with public/private keys
All in all I think it's better to write a new, not pam-based usblogin
using ipc, udev (OK, not all guys use udev, but I think it's the future,
pam isn't I think) and patches for the dm (theese aren't so much at all,
right?)
I thought to logout the user, if the usbstick is removed not locking the
session, but this only a config option I think...
OK, how ever, you've to decide whether you'd like to mentor this project.
More information about the fedora-devel-list
mailing list