Knowledge Base
Home » Main » Client pre authentication on Linux

Client pre authentication on Linux

I noticed the Apple Mac has the option to copy in a shared secret avoiding the need for the initial authentication screen. Is this also possible on Linux?

Yes. On Mac OS, the login-hook (which runs as root) performs the additional pre-authentication steps. To achieve this the workstation must be administered by your organization. The admin must be able to setup login scripts that run as root, and also copy files to a location that only the root user can access.

1. Copy the shared-secret file from the PaperCut server (location below) to the workstation in a location that is accessible and readable by root only. IMPORTANT: You must make this file readable by root only. 
     [app-path]/server/data/pc-shared-secret.dat
2. When the user logs in, run the following command MUST as root: 
     pc-client-linux.sh --pre-authenticate --user "the_user" 
         --shared-secret-file "/path/to/root-secured/shared-secret"
(all on same line)
3. Start the client with the following additional option after this command as the logging in user: 
     pc-client-linux.sh --use-pre-authentication --silent

You'll need to have a good understanding of your X login program (e.g. GDM scripts) to leverage this configuration.

Categories: Administration

keywords: linux login hook, popup authentication,

Page last modified on April 09, 2012, at 11:58 PM

Comments

Share your findings and experience with other PaperCut users. Feel free to add comments and suggestions about this Knowledge Base article. Please don't use this for support requests.