Hardware authentication for Linux using ordinary USB Flash Drives.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
Andrey Utkin 2055bc9a0a Fix parsability of shipped config file 9 years ago
doc Fix parsability of shipped config file 9 years ago
src when creating system pad file change all occurences of / in the device name with _. This ensures that a correct filename will be create even when there are slashes in the device name 12 years ago
tools tools/pamusb-conf: Added SDCard support 13 years ago
utils Removed deprecated scripts 13 years ago
.gitignore Added .gitignore 13 years ago
COPYING Repository cleanup 13 years ago
ChangeLog Updated ChangeLog 13 years ago
Makefile Fix misspellings. 12 years ago
README.md Update README.md 12 years ago

README.md

pam_usb

pam_usb provides hardware authentication for Linux using ordinary USB Flash Drives.

It works with any application supporting PAM, such as su and login managers (GDM, KDM).

Features

  • Password-less authentication. Use your USB stick for authentication, don't type passwords anymore.
  • Device auto probing. You don't need to mount the device, or even to configure the device location (sda1, sdb1, etc). pam_usb.so will automatically locate the device using UDisks and access its data by itself.
  • Two-factor authentication. Achieve greater security by requiring both the USB stick and the password to authenticate the user.
  • Non-intrusive. pam_usb doesn't require any modifications of the USB storage device to work (no additional partitions required).
  • USB Serial number, model and vendor verification.
  • Support for One Time Pads authentication.
  • You can use the same device accross multiple machines.
  • Support for all kind of removable devices (SD, MMC, etc).

Tools

  • pamusb-agent: trigger actions (such as locking the screen) upon device authentication and removal.
  • pamusb-conf: configuration helper.
  • pamusb-check: integrate pam_usb's authentication engine within your scripts or applications.

Getting Started