Hello,
Fedora Magazine recently posted an Authselect in Fedora Linux 40 article. After reading it I noticed that it supports activating the fingerprint reader and indeed I ran this on my machine:
# sudo authselect select sssd with-mkhomedir with-mdns4 with-fingerprint
This has indeed enabled the fingerprint reader! Unfortunately I was only able to use the settings UI to enrol fingerprints for a local user account:
However, when I click on my “enterprise” account served by SSSD, I do not get options to do the same, even though the support is clearly present:
myuser@ad.home.lan@mylaptop ~> authselect current
Profile ID: sssd
Enabled features:
- with-mkhomedir
- with-mdns4
- with-fingerprint
There is not “Fingerprint Login” section, so I can’t actually enable it…
After searching for a while, I found out that you can manually add the fingerprint from command line, so I ran: fprintd-enroll
and after touching the reader as instructed… SUCCESS!
myuser@ad.home.lan@mylaptop ~> fprintd-list myuser@ad.home.lan
found 1 devices
Device at /net/reactivated/Fprint/Device/0
Using device /net/reactivated/Fprint/Device/0
Fingerprints for user myuser@ad.home.lan on Goodix MOC Fingerprint Sensor (press):
- #0: right-index-finger
It fortunately DOES WORK! I am able to enjoy the functionality, even though the UI in gnome’s control centre doesn’t seem to work properly:
myuser@ad.home.lan@mylaptop ~> sudo fish -l
Place your right index finger on the fingerprint reader
Welcome to fish, the friendly interactive shell
Type help for instructions on how to use fish
root@mylaptop /h/myuser@ad.home.lan#
Not only can I authenticate for sudo, but also on the GDM login screen!