Published multiple files
All checks were successful
Build and Deploy Quartz / build (push) Successful in 26s
All checks were successful
Build and Deploy Quartz / build (push) Successful in 26s
This commit is contained in:
Quartz Syncer
120
content/10-19 LIFE/13 TECH SETUP/13.13 OS SETUP/fprintd.md
Normal file
120
content/10-19 LIFE/13 TECH SETUP/13.13 OS SETUP/fprintd.md
Normal file
@@ -0,0 +1,120 @@
|
||||
---
|
||||
publish: true
|
||||
permalink: /10-19 LIFE/13 TECH SETUP/13.13 OS SETUP/fprintd.md
|
||||
title: fprintd
|
||||
created: 2026-02-05T09:31:46.737-07:00
|
||||
modified: 2026-02-05T09:32:30.884-07:00
|
||||
tags:
|
||||
- security
|
||||
- fingerprint
|
||||
- authentication
|
||||
cssclasses: ""
|
||||
---
|
||||
|
||||
Fingerprint authentication daemon for Linux. Works with [[10-19 LIFE/13 TECH SETUP/13.13 OS SETUP/hyprlock]] and system login.
|
||||
|
||||
## Installation
|
||||
|
||||
```bash
|
||||
sudo pacman -S fprintd
|
||||
```
|
||||
|
||||
The service starts on-demand, no need to enable it.
|
||||
|
||||
## Enroll Fingerprints
|
||||
|
||||
```bash
|
||||
# Enroll a finger (follow prompts)
|
||||
fprintd-enroll
|
||||
|
||||
# Enroll specific finger
|
||||
fprintd-enroll -f right-index-finger
|
||||
|
||||
# List enrolled fingerprints
|
||||
fprintd-list $USER
|
||||
```
|
||||
## PAM Configuration
|
||||
|
||||
### For hyprlock
|
||||
|
||||
Create `/etc/pam.d/hyprlock`:
|
||||
```
|
||||
# PAM configuration file for hyprlock
|
||||
auth include login
|
||||
```
|
||||
|
||||
This inherits from the login config which includes fprintd.
|
||||
|
||||
### For system login
|
||||
|
||||
Edit `/etc/pam.d/system-local-login` — usually already configured if using default Arch PAM.
|
||||
|
||||
### Manual PAM setup
|
||||
|
||||
To add fingerprint auth to any PAM service, add before password auth:
|
||||
```
|
||||
auth sufficient pam_fprintd.so
|
||||
```
|
||||
|
||||
## hyprlock Integration
|
||||
|
||||
Enable in `~/.config/hypr/hyprlock.conf`:
|
||||
```bash
|
||||
auth {
|
||||
fingerprint {
|
||||
enabled = true
|
||||
ready_message = Scan fingerprint to unlock
|
||||
present_message = Scanning...
|
||||
retry_delay = 250
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
### Check service status
|
||||
|
||||
```bash
|
||||
systemctl status fprintd
|
||||
```
|
||||
|
||||
### Verify device detection
|
||||
|
||||
```bash
|
||||
fprintd-list $USER
|
||||
```
|
||||
|
||||
Should show your fingerprint reader device.
|
||||
|
||||
### Re-enroll if not working
|
||||
|
||||
```bash
|
||||
fprintd-delete $USER # Delete all prints
|
||||
fprintd-enroll # Re-enroll
|
||||
```
|
||||
|
||||
### Debug
|
||||
|
||||
```bash
|
||||
# Run fprintd in foreground with debug
|
||||
sudo /usr/libexec/fprintd -d
|
||||
```
|
||||
|
||||
## Supported Devices
|
||||
|
||||
Framework Laptop 13 uses the **Goodix MOC Fingerprint Sensor** which works out of the box with fprintd.
|
||||
|
||||
Check if your device is supported:
|
||||
```bash
|
||||
lsusb | grep -i fingerprint
|
||||
```
|
||||
|
||||
## Security Notes
|
||||
|
||||
- Fingerprint is "sufficient" not "required" — password always works as fallback
|
||||
- Fingerprints are stored encrypted in `/var/lib/fprint/`
|
||||
- Consider if fingerprint auth meets your security requirements
|
||||
|
||||
## Resources
|
||||
|
||||
- Arch Wiki: https://wiki.archlinux.org/title/Fprint
|
||||
Reference in New Issue
Block a user