GDM - optional fingerptint login

Ok, I get it that when you use fingerprint there’s no way to unlock keyring and you have to enter password ( I don’t like it , but I get the message).

But is there a way to set it up so I would be able to use either password OR fingerpint. Another option would be ask for password as the first option if this fails try fingerprint. This way I would be able to log in with password and use fingerprint only for unlocking the screen.

It seems there must be a way as for a couple of days it has been working this way on my end (OpenSUSE Tumbleweed, Gnome 44.1). Initially it was a total mess, when I enabled fingerprint sensor GDM was in constant failed loop. I had to be fast with my password to log in.
So after reinstalling the fingerprintd packages and fiddling the settings (like modding the /etc/pam.d/common-auth-pc and adding “auth sufficient” - which later on I read that I shouldn’t touch) I got the desired behavior. Sadly it went away after the update. Tried playing with /usr/lib/pam.d/gdm-fingerprint (as it seems this is the one I should modify) but with no success.

Any suggestions?



auth       required          
auth       requisite         
auth       requisite               preauth
auth       required          
auth       optional          
auth       required          
auth       [success=ok default=1]
auth       optional          

account    substack                    common-account
account    include                     common-account

password   required          

session    substack                    common-session
session    include                     postlogin-session
session    optional           auto_start


account	required	try_first_pass


session optional
session	required
session	required	try_first_pass
session optional
session optional

This topic was automatically closed 45 days after the last reply. New replies are no longer allowed.