Hello all.
I’m looking for some clarity surrounding the etc/pam.d/ files i need to edit to secure my system with u2f.
I have auth required pam_u2f.so working with sudo which was an obviously named file.
I also added auth required pam_u2f.so to sddm.
But it seems i can still unlock the system (initial login requires u2f as expected) and i can still use pamac with only a password.
Does anyone know a resource for which files relate to what in etc/pam.d ?
Or should I apply the scatter gun and document my journey?
Thanks Bogdan, appreciate the help.
It’s interesting that none of the guides or wikis I’ve read mention that Systemd-homed doesnt have fido2 as a default as shown the arch forum post, it’s not something that would ever occurred to me.
Interesting that 2fa does work with login, sudo/su and yet not with other things.
How would i determine if I’m not using the correct pam.d/ files or if it IS the Systemd-homed that is stopping me.
Would the fact that the user in that post is trying to use a luks / as his secret location and that is managed by Systemd-homed where as I’m only trying to set it up in ~?
Time for me to do some reading.
Thanks again for the pointer.