Fedora Silverblue 41
I can’t find where to configure the fingerprint authentication.
fprintd and fprintd-pam are installed.
fprintd-enroll and fprintd-verify from the command line are working.
If i search “fingerprint” in GNOME Settings, it point me to Users
But I can’t find any option related to fingerprint enrollment.
What am I missing?
Added fingerprint-reader
Added f41
Can you share a screenshot of the users configuration page? There may be something to change a password and then also enroll an fprint
I think the search displays the Users option correctly, and the option should be for the specific user accessed in GNOME Settings → System → Users → {SelectedUser}. Can’t confirm though, as I don’t have a fingerprint reader. This somewhat outdated page points in the same direction.
Yes the search is correct, but there are no options about fingerprint login.
In the past (on previous Fedora release, I don’t remember, maybe 36 or 37?) I configured the fingerprint login on the same laptop.
Anything in the journal complaining about it?
Nothing.
journalctl -xe |grep -i fingerpr
Oct 26 18:16:48 pbale systemd[1]: Starting fprintd.service - Fingerprint Authentication Daemon...
Oct 26 18:16:48 pbale systemd[1]: Started fprintd.service - Fingerprint Authentication Daemon.
(Yeah, I also looked for other logs).
Is the value of the key enable-fingerprint-authentication in dconf schema org.gnome.login-screen set to true? I suppose it is, given that it is the default value.
I’ve read somewhere about cases where specific fingerprint reader models working on earlier kernel versions are not working on newer ones. Could you share the model of yours?
$ gsettings get org.gnome.login-screen enable-fingerprint-authentication
false
Bus 001 Device 007: ID 06cb:00bd Synaptics, Inc. Prometheus MIS Touch Fingerprint Reader
As stated before, it works using fprintd
$ fprintd-list alessio
found 1 devices
Device at /net/reactivated/Fprint/Device/0
Using device /net/reactivated/Fprint/Device/0
Fingerprints for user alessio on Synaptics Sensors (press):
- #0: right-index-finger
The issue is that there is no option to set fingerprint authentication from GNOME.
Does it change anything if you set the value to true?
I thing this is needed in order to get the option displayed in GNOME Settings.
$ gsettings set org.gnome.login-screen enable-fingerprint-authentication true
The key is not writable
Same message on my machine, except that in my case the value is set to true, and cannot be changed to false.
It seems this is about locking down specific dconf settings, in order to prevent users to change certain settings. There is the possibility to do that for fingerprint reader as well.
However, I don’t seem to have such a lockdown on my machine, yet the key is not writable. Or the locations have changed.
Indeed these instructions seems related to " Disallow login using a fingerprint" and not on “Allow login using a fingerprint” 
BTW I found this
$ cat /etc/authselect/dconf-db
# Generated by authselect
# Do not modify this file manually, use authselect instead. Any user changes will be overwritten.
# You can stop authselect from managing your configuration by calling 'authselect opt-out'.
# See authselect(8) for more details.
[org/gnome/login-screen]
enable-smartcard-authentication=false
enable-fingerprint-authentication=false
So it seems related to authselect.
Was your system’s initial install done with an earlier release than F40?
Seeing your post I’ve remembered that with F40 there was a switch from the authselect profile minimal to local (the latter including the with-fingerprint feature). So I found this Fedora Magazine article confirming it. It seems that older systems weren’t migrated automatically to the new local profile.
So I’m wondering if manually migrating your profile to local(supposing your current profile is the previous minimal) will solve the issue.
It is already local
$ authselect current
Profile ID: local
Enabled features:
- with-silent-lastlog
- with-mdns4
BTW the solution is in such article:
If, for example, you want to add support for fingerprint readers, add that feature name to the list on the command line:
# authselect select local with-silent-lastlog with-mdns4 with-fingerprint
So, with
sudo authselect select local with-silent-lastlog with-mdns4 with-fingerprint
or simply
sudo authselect enable-feature with-fingerprint
Then the option in GNOME settings is now available 
Yay! 
It makes sense now: with an F40 upgrade the old minimal profile is being renamed to the new local , but the profile features are not updated, and have to be added manually.
