| ▲ | Waterluvian 5 hours ago | |
I kind of hate typing in my password all the time. Is there a way to sacrifice some security and do something like... ask for my password but automatically input it if my phone is detected via Bluetooth? (not connected, just detected). I don't really want to just disable passwords. I recall that causing technical pains. And this is a desktop PC in my home office and I'm just generally okay with the associated security risks. | ||
| ▲ | jeroenhd an hour ago | parent | next [-] | |
Anything with PAM integration may work for you. I use the fingerprint reader in my laptop. Others use yubikeys. You could probably throw together a quick PAM module that scans for your phone's presence. But, aside from the security/spoofing risks, Bluetooth scanning can take half a minute even when you have the device set to be discoverable so you may be faster off typing in your password. Alternatively, you could just disable the password prompt for sudo if you make sure to always lock your screen. Or not even that if you don't have disk encryption enabled, as anyone with malicious intent can do anything to an unencrypted laptop anyway. | ||
| ▲ | post-it 4 hours ago | parent | prev | next [-] | |
Mac lets you use Touch ID or your Apple Watch to authenticate sudo. I expect you could set up something custom for Linux, it seems like the type of thing AI could put together very quickly. | ||
| ▲ | Gabrys1 2 hours ago | parent | prev | next [-] | |
you can put your password to a yubikey, then it's always a long press of a button away | ||
| ▲ | the8472 4 hours ago | parent | prev [-] | |
wire up a hardware security token as a "sufficient" PAM rule. then it's just a tap. | ||