mirror of
https://github.com/boltgolt/howdy.git
synced 2024-09-19 09:51:19 +02:00
Spelling fixes and an added note on security
This commit is contained in:
parent
7b9db83ad0
commit
799bab81a6
3 changed files with 13 additions and 4 deletions
|
@ -35,3 +35,12 @@ If nothing went wrong we should be able to run sudo by just showing your face. O
|
||||||
### Troubleshooting
|
### Troubleshooting
|
||||||
|
|
||||||
Any errors in the script itself get logged directly into the console and should indicate what went wrong. If authentication still fails but no errors are printed you could take a look at the last lines in `/var/log/auth.log` to see if anything has been reported there.
|
Any errors in the script itself get logged directly into the console and should indicate what went wrong. If authentication still fails but no errors are printed you could take a look at the last lines in `/var/log/auth.log` to see if anything has been reported there.
|
||||||
|
|
||||||
|
|
||||||
|
### A note on security
|
||||||
|
|
||||||
|
This script is in no way as secure as a password and will never be. Although it's harder to fool than normal face recognition, a person who looks similar to you or well-printed photo of you could be enough to do it.
|
||||||
|
|
||||||
|
To minimize the chance of this script being compromised, it's recommend to store this repo in `/etc/pam.d` and to make it read only.
|
||||||
|
|
||||||
|
DO NOT USE THIS SCRIPT AS THE SOLE AUTHENTICATION METHOD FOR YOUR SYSTEM.
|
||||||
|
|
|
@ -1,14 +1,14 @@
|
||||||
[core]
|
[core]
|
||||||
# Do not print anything when a face vericication succeeds
|
# Do not print anything when a face verification succeeds
|
||||||
no_confirmation = false
|
no_confirmation = false
|
||||||
|
|
||||||
# When a user without a known face model tries to use this script, don't
|
# When a user without a known face model tries to use this script, don't
|
||||||
# show an error but fail silently
|
# show an error but fail silently
|
||||||
supress_unknown = false
|
suppress_unknown = false
|
||||||
|
|
||||||
[video]
|
[video]
|
||||||
# The certainty of the detected face belonging to the user of the account
|
# The certainty of the detected face belonging to the user of the account
|
||||||
# On a scale from 1 to 10, values above 5 are not recomended
|
# On a scale from 1 to 10, values above 5 are not recommended
|
||||||
certainty = 3
|
certainty = 3
|
||||||
|
|
||||||
# The number of frames to capture and to process before timing out
|
# The number of frames to capture and to process before timing out
|
||||||
|
|
2
pam.py
2
pam.py
|
@ -20,7 +20,7 @@ def doAuth(pamh):
|
||||||
|
|
||||||
# Status 10 means we couldn't find any face models
|
# Status 10 means we couldn't find any face models
|
||||||
if status == 10:
|
if status == 10:
|
||||||
if config.get("core", "supress_unknown") != "true":
|
if config.get("core", "suppress_unknown") != "true":
|
||||||
pamh.conversation(pamh.Message(pamh.PAM_ERROR_MSG, "No face model known"))
|
pamh.conversation(pamh.Message(pamh.PAM_ERROR_MSG, "No face model known"))
|
||||||
return pamh.PAM_USER_UNKNOWN
|
return pamh.PAM_USER_UNKNOWN
|
||||||
# Status 11 means we exceded the maximum retry count
|
# Status 11 means we exceded the maximum retry count
|
||||||
|
|
Loading…
Reference in a new issue