Support 2FA pin code and password with security keys

swaywm / swaylock

Screen locker for Wayland

MIT License

851 stars 202 forks source link

Support 2FA pin code and password with security keys #270

Open NgoHuy opened 1 year ago

NgoHuy commented 1 year ago

Hi teams,

Thank for great application, I have use yubikey and setup login requires pin and password, but after I enter the pin, it sent to pam quickly, not required password.

The pam's setup is here:

$ cat /etc/pam.d/system-auth
#%PAM-1.0

auth      required pam_u2f.so pinverification=1 cue
#auth      sufficient pam_fprintd.so
auth      required  pam_unix.so     try_first_pass nullok

I think it should handle seperate pam module instead send pam quickly as enter first pass.

ghost commented 1 year ago

You can already do this just modify /etc/pam.d/swaylock just like you did with system-auth

NgoHuy commented 1 year ago

You can already do this just modify /etc/pam.d/swaylock just like you did with system-auth

I did it before submitting the issue, it used first module then pass to pam handle