Date: Fri, 05 May 2006 09:03:07 +0200 From: Fredrik Lindberg <fli+freebsd-hackers@shapeshifter.se> To: Daniel O'Connor <doconnor@gsoft.com.au> Cc: freebsd-hackers@freebsd.org, aanton@spintech.ro, Cesar <listas@itm.net.br> Subject: Re: Fingerprint Authentication Message-ID: <445AF8AB.9080008@shapeshifter.se> In-Reply-To: <200605051009.49344.doconnor@gsoft.com.au> References: <00fb01c66fb2$a8e157c0$0501010a@ironman> <445A5F48.60303@spintech.ro> <200605051009.49344.doconnor@gsoft.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Daniel O'Connor wrote: > On Friday 05 May 2006 05:38, Alin-Adrian Anton wrote: >> http://www.thinkwiki.org/wiki/How_to_enable_the_fingerprint_reader >> >> SSH can do pam authentication. > > Not sure the driver will work in FreeBSD.. > There is bioapi in ports though. > > Oops. looks like ports wins again.. security/bsp_upektfmess > The driver should work fine locally. But using it remote (via ssh etc) is probably a no-go because verification of the fingerprint records are done by UPEKs driver at the hardware level. The only way as I see it (to even make it possible with UPEKs driver) is to have a reader at both the remote machine and the client machine and then capture a BioAPI record at the client machine and have the server verify it. But that involves transferring the record in a secure way to the server. Fredrik Lindberg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?445AF8AB.9080008>