fprintd-enroll

Enroll the right index finger for the current user

$ fprintd-enroll

$ fprintd-enroll [[-f|--finger]] [left-thumb|left-index-finger|left-middle-finger|left-ring-finger|left-little-finger|right-thumb|...]

$ fprintd-enroll [username]

$ fprintd-enroll [[-f|--finger]] [finger_name] [username]

$ fprintd-enroll --help

fprintd-enroll [finger] [-f, --finger FINGER] [-t, --timeout SECONDS] [-n, --num-failures N] [-h, --help] [--version]

-f, --finger FINGER
    Specify finger to enroll (e.g., right-index-finger, left-thumb). Default: any available.

-t, --timeout SECONDS
    Maximum time to wait for each finger scan (default: 10).

-n, --num-failures N
    Number of failed scans before aborting (default: 3).

-h, --help
    Display help and exit.

--version
    Print version information and exit.

fprintd-enroll is a command-line utility provided by the fprintd package, a D-Bus service for managing fingerprint readers on Linux systems. It allows users to enroll (register) their fingerprints into the personal fprintd database stored in ~/.local/share/fprintd/. This enables fingerprint-based authentication for services like login, sudo, or screen unlocking via PAM integration.

The tool interacts with supported USB fingerprint scanners, capturing multiple images of a finger by prompting the user to place it on the reader several times. It uses image processing to create a mathematical template, which is stored securely and matched later during verification. Enrollment typically requires 5-10 good scans, depending on device quality and finger placement.

Key features include specifying a particular finger (e.g., right-index-finger), setting scan timeouts, and limiting retry attempts on scan failures. Successful enrollment adds the template to the database, allowing tools like fprintd-verify to authenticate the user. It runs as the local user, ensuring fingerprints are tied to individual accounts.

Requires a compatible fingerprint reader (e.g., Validity, Upek) and the fprintd daemon running. Enrollment fails if no device is detected or permissions are insufficient. It's essential for setting up biometric auth in desktop environments like GNOME or KDE.

Requires running fprintd daemon and supported USB fingerprint reader. Must run as target user (not root). Fails on poor finger placement, dirty sensors, or dry skin. Templates are not portable across devices.

Standard names: left-thumb, left-index-finger, left-middle-finger, left-ring-finger, left-little-finger, right-thumb, right-index-finger, right-middle-finger, right-ring-finger, right-little-finger.

fprintd-enroll
Enroll any finger interactively.

fprintd-enroll right-index-finger
Enroll specific right index finger.

fprintd-enroll -t 5 -n 2 left-thumb
Enroll left thumb with short timeout and few retries.

Part of fprint project since ~2007; fprintd CLI tools stabilized around 2010 with libfprint v0.4. Actively maintained for modern desktops, integrated in Fedora, Ubuntu.

fprintd-verify(1), fprintd-delete(1), fprintd-list(1), fprintd-enroll-pk(1)