WSL-Hello-sudo
persistent-touch-id-sudo
WSL-Hello-sudo | persistent-touch-id-sudo | |
---|---|---|
7 | 2 | |
1,161 | 29 | |
- | - | |
0.0 | 1.8 | |
12 months ago | almost 2 years ago | |
Rust | C | |
MIT License | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
WSL-Hello-sudo
-
Quick Tip: Enable Touch ID for Sudo
Well, `sudo` is a *nix binary, so Linux and macOS are your most popular options here.
Fingerprint authentication for sudo was enabled by default on my Manjaro install after I enrolled a fingerprint so I guess popular Linux distributions configure it automatically. If yours doesn't, try the configuration methods on this page: https://wiki.archlinux.org/title/fprint or here: https://askubuntu.com/questions/1015416/use-fingerprint-auth... or consult your operating system's documentation.
The big difference is that you need "pam_fprintd.so" instead of "pam_tid". On Ubuntu (or derived, probably), running "sudo pam-auth-update" will allow you to configure fingerprint authentication without needing to manually edit system files.
Do note that if you use a more exotic window manager, any fancy visual sudo prompts may not know how to deal with such a system.
If you're on Windows and want WSL with Windows Hello, there's this tool: https://github.com/nullpo-head/WSL-Hello-sudo which is a PAM library that will call into Windows Hello from WSL. Windows Hello should in turn support your fingerprint reader or other biometric authentication system configured for your PC.
-
WSL Hello Sudo: Face Recognition of Windows Hello on Windows Subsystem for Linux
What kind of prompt is this? It looks like Windows Terminal running Bash, but are the icons PNGs (windows + home), or a specific type-face rendering emoji?
https://github.com/nullpo-head/WSL-Hello-sudo/blob/master/de...
-
Use Touch ID for Sudo on Mac
Similarly for WSL2 using Windows Hello:
https://github.com/nullpo-head/WSL-Hello-sudo
- WSL-Hello-sudo - sudo by face recognition of Windows Hello on WSL
persistent-touch-id-sudo
-
Quick Tip: Enable Touch ID for Sudo
I'm leery of configuring user code to automatically modify system files, especially security related ones. I think your tool should at least have an option to ask user confirmation, perhaps showing the expected file diff, before making its change. https://github.com/YuriyGuts/persistent-touch-id-sudo/issues...
System updates are not frequent. I prefer doing it manually, and just automating a notification that it needs to be redone. I added this to my `.bashrc`:
if ! grep -q "pam_tid.so" /etc/pam.d/sudo ; then
What are some alternatives?
pam-watchid - PAM plugin module that allows the Apple Watch to be used for authentication
YubiKey-Guide - Guide to using YubiKey for GnuPG and SSH
sekey - Use Touch ID / Secure Enclave for SSH Authentication!
pam-duress - A Pluggable Authentication Module (PAM) which allows the establishment of alternate passwords that can be used to perform actions to clear sensitive data, notify IT/Security staff, close off sensitive network connections, etc if a user is coerced into giving a threat actor a password.
sudo-touchid - A fork of `sudo` with Touch ID support.
judo - Simple orchestration & configuration management
rdpwrap - RDP Wrapper Library
upmerge - maintain local changes to /etc on macOS (and maybe other systems) across upgrades
pam_reattach - Reattach to the user's GUI session on macOS during authentication (for Touch ID support in tmux)
wsl-distrod - Distrod is a meta-distro for WSL 2 which installs Ubuntu, Arch, Debian, Gentoo, etc. with systemd in a minute for you. Distrod also has built-in auto-start feature on Windows startup and port forwarding ability.