On Wed, Nov 23, 2022 at 4:54 AM Johannes Kastl <kastl@b1-systems.de> wrote:
Hi all,
this has been annoying me for several months/years and I always forgot to open up a bug report:
I am using pam_u2f to unlock my Plasma/KDE lock screen using a U2F device (the predecessor of FIDO).
This is one of those things.. that require a lot of additional work to be ready for primetime, I personally believe FIDO2 stuff needs to be a first-level, working by default authentication protocol for future distributions.. Windows hello already has it. maybe we need systemd-hellod :-) The first thing is one official pam upstream module, reviewed by pam developers, as I am not really convinced this pam_u2f module is very well tested or accounts for all corner cases.. then all the scary GUI stuff :-) So far aint nobody got the money to pay for all this to be done it seems :-)