Logging into Ubuntu using works access card
I’ve been playing with NFC (Near Field Communication) technology for work recently, and as an aside this Friday afternoon I decided to set up my Ubuntu development box to log in automatically when I scan my work pass. Perhaps a little pointless, but it could have some uses… Anyway here are my notes.
To do this you’ll need an NFC card reader. I’m using one from Touchatag, for no other reason that it was the one provided to me by work. But to be honest, I might just go out and buy one anyway.
Fortunately somebody, somewhere has already written the software to do all of this - and all you have to do is compile, install and configure. You’ll need libnfc and pam_nfc.
Dependencies
You’ll need to install several packages before any of the tools will work
sudo apt-get install build-essential autoconf2.64 libtool pkgconfig libusb-dev libpcsclite-dev wget libpam0g-dev
libnfc
Download libnfc from Google Code:
wget http://libnfc.googlecode.com/files/libnfc-1.3.4.tar.gz
Extract and navigate to the folder:
tar xvf libnfc-1.3.4.tar.gz
cd libnfc-1.3.4
Configure, Compile and Install!
autoreconf -vis
./configure
make
sudo make install
sudo ldconfig
Test the detection of any NFC devices by plugging in your card reader and placing a card on it. Running the following command should display your card:
nfc-list
If these instructions don’t work try the libnfc installation documentation.
pam_nfc
pam_nfc is the module which handles the authentication. You’ll also need to download and compile this from source.
svn checkout http://nfc-tools.googlecode.com/svn/trunk/pam_nfc
cd pam_nfc
autoreconf -vis
./configure --prefix=/usr --sysconfdir=/etc --with-pam-dir=/lib/security
sudo make install
Modify /etc/pam.d/login and /etc/pam.d/gdm and add the following line:
auth sufficient pam_nfc.so
Now you need to associate your user account with an NFC card:
sudo pam-nfc-add ogriffin