2

I want to include the following PIN feature which can be used for authentication in Ubuntu 17.10 (both in a terminal session and during the login screen). Once an authentication string is entered, Ubuntu will check to see if it is "equal" to the encrypted password or to the encrypted PIN. It will authenticate. If not, the system will suspend the PIN feature until a successful authentication event has happened.

  • Can I write a script that has access to entered authentication strings, at least during the login screen?
  • Can I modify the existing Ubuntu scripts? If so, which ones?
  • Can I use the underlying password encryption mechanism for my PIN? If not, how can I get started on writing an encryption algorithm to store and recover PINs and passwords?
Miladiouss
  • 321
  • Interestingly, this was posted a little while ago: https://askubuntu.com/a/1001983/158442 – muru Feb 01 '18 at 08:07
  • @muru, That's funny, just 30min after he posted! That actually helps me get started on some stuff. Thanks. – Miladiouss Feb 01 '18 at 08:19
  • Hah, @muru very interesting :) Miladiouss: I wouldn't suggest a PIN for a terminal session because of security issues, only for a desktop session, as a PIN is easy to figure out from the network. My answer documented in the link mentioned earlier, covers the desktop part of the question. I'll see if I can find something for the suspension part of question. In the meantime, the floor is open to other solutions. :D – Savvas Radevic Feb 02 '18 at 01:15

1 Answers1

1

Quick Answer: No you can't, not simply anyways. This would not be a script change it would be a large amount of very complex C/C++ codebase alterations.

Longer answer: I think "can I write software to do X" is beyond the scope of this site.

If you are a developer with the skill to do this, I would go join a mailing list for one of the display manager of your choice, like lightdm or gdm, and ask about development of this feature.

In my survey of Linux display managers none of them support this, and adding this would involve making deep changes inside the display manager software. This software is probably mostly written in C and C++.

Warren P
  • 204
  • Update: There are some people posting scripts who claim to have done this but I tested a few of them and still haven't seen results that really replicate exactly what we want when we say "pin entry like windows". It is possible to get it to accept some hard coded string always and get you into your desktop, but that's not exactly how the PIN entry works in Windows. That's close enough for rock and roll for some people though. – Warren P Jun 03 '19 at 15:58