diff options
Diffstat (limited to 'nixos/modules/security/pam.nix')
| -rw-r--r-- | nixos/modules/security/pam.nix | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index 844a9da0eb46..3b5dd41868be 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -54,6 +54,15 @@ let ''; }; + fprintAuth = mkOption { + default = config.services.fprintd.enable; + type = types.bool; + description = '' + If set, fingerprint reader will be used (if exists and + your fingerprints are enrolled). + ''; + }; + sshAgentAuth = mkOption { default = false; type = types.bool; @@ -179,6 +188,8 @@ let "auth required pam_tally.so"} ${optionalString (config.security.pam.enableSSHAgentAuth && cfg.sshAgentAuth) "auth sufficient ${pkgs.pam_ssh_agent_auth}/libexec/pam_ssh_agent_auth.so file=~/.ssh/authorized_keys:~/.ssh/authorized_keys2:/etc/ssh/authorized_keys.d/%u"} + ${optionalString cfg.fprintAuth + "auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so"} ${optionalString cfg.usbAuth "auth sufficient ${pkgs.pam_usb}/lib/security/pam_usb.so"} ${optionalString cfg.unixAuth |