Page MenuHome GnuPG

Poldi should allow password entry when a card is not inserted
Open, NormalPublic

Description

Currently (at least as seen with GDM and gnome-screensaver), Poldi waits for a
card to be entered without letting the user type their password (at least when
scdaemon is happy). When the card is missing, there is no way to get to input
the password apart from unplugging the card reader. This is fine (sorta) at the
moment as I only have external readers, but there are more and more computers
around that have in-built readers, for which this may cause a problem.

Therefore, I'd propose the following solution: add an option to let Poldi take
input even when the card is not inserted, and pass it to the next authentication
module if the card is not present when the entry is validated. I'm not sure
whether this should be passed as a username or a password, though...

The best option, but I'm not sure PAM support that, would be to switch to the
Poldi module anytime a card is inserted, superseding the current password prompt.

(I'm not entirely sure this report is clear... I'll be happy to provide
clarifications if needed.)