Unix Biometrics using Polkit

Feature/Fix name:

Biometrics for Linux and other Unix systems

Feature/Fix Description

I implemented a basic prototype for biometrics on Linux using PAM. It works by extending the existing native rust module to add a client for PAM. PAM has modules for fprintd for fingerprints and howdy for face unlock.

Currently, unlocking using biometrics works. Still missing are:

  • Installing the correct PAM policy on install
  • Testing availability correctly (currently just returns true)

Clients / Repos Affected:

  • (Browser)
  • Desktop

Link to branch:

If you want to test this, you need to manually create a PAM policy:

cat /etc/pam.d/bitwarden     
# PAM configuration file for bitwarden

auth sufficient pam_fprintd.so

For fingerprints, so when clicking unlock it just silently awaits the fingerprint being scanned. IMO since the other platforms rely on the OS’s GUI, this should be the same for PAM.

For fprintd we can use Fingerprint GUI - ArchWiki

Labels are now correct. PR:

Thanks for the contribution proposal, reviewing with the team :+1:

1 Like