a_plus_plus
Custom MacBook login screen and pam modules using multipeer connectivity and usb hardware checks with iOS app for sign in.
//TODO:
// shutdown, reboot, and sleep from login screen
// Actual Login Screen implementation (other than pam module for sudo, su, etc)
// Screensaver implementation
// Better documentation
// Install script
The files are not commented very well, so I apologize for that.
All .so files for pam development on macos are for arm64.
features
- uuid ("hardware") check for iPhone; must be plugged in to authenticate successfully. (optional)
- random pin that is encrypted & used for key generation on one device and decrypted on another using multipeer.
- 10 second delay to prevent unwanted authentication (ex: a script) and to notify the user of a login attempt.
- app written in swift to control authentication, as well as full screen login screen that cannot be exited until delay is complete.
known vulnerabilities (unwanted features)
- Application could be called from within a loop, causing the login screen and authentication system to be called repeatedly.
- Unwanted calls to the pam module has no mechanism for prevention.
- No overall logging system within the pam module.
license note
This software and intellecutal property cannot be sold. You may use it for your personal computer and modify it / do whatever you wish to do with the code. If you pass it on, all that is required is that you leave me in the comments (ryanfitzgerald).