YubiKey lock screen

From D3xt3r01.tk
Revision as of 23:08, 23 October 2012 by Admin (talk | contribs) (→‎HOW)
Jump to navigationJump to search

What

I'm trying to make my fedora desktop lock the screen when it sees my yubikey removed from the usb slot.

HOW

Get the serial, idVendor, idProduct of the thing. 

udevadm info -a -p $(udevadm info -q path -n /dev/hidraw0)

Create a /etc/udev/rules.d/85-screen-lock-toggle.rules 

SUBSYSTEM=="usb", ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0010", ENV{ID_SERIAL_SHORT}=="0001484196", RUN+="/usr/local/bin/gnome-lock enable"

Also you should probably reload the rules: 

udevadm control --reload-rules

And you should create the 2 scripts (you'll probably have to comment out default requirretty in /etc/sudoers) : 

~# cat /usr/local/bin/gnome-lock
#!/bin/bash
log="/tmp/yubi_lock_log"
echo "$(date) $(whoami) '$0' '$1'" >> ${log}

user=`ps aux | grep gnome-screensaver | head -n 1 | awk '{print $1}'`
export DISPLAY=":0"
if [ -n $user -a "$1" == "enable" ]
then
        sudo -u ${user} /usr/bin/gnome-screensaver-command -l >> ${log} 2>&1
fi
Retrieved from "https://wiki.d3xt3r01.tk//index.php?title=YubiKey_lock_screen&oldid=6563"