fprintd-enroll

Enroll the right index finger for the current user

$ fprintd-enroll

$ fprintd-enroll [[-f|--finger]] [left-thumb|left-index-finger|left-middle-finger|left-ring-finger|left-little-finger|right-thumb|...]

$ fprintd-enroll [username]

$ fprintd-enroll [[-f|--finger]] [finger_name] [username]

$ fprintd-enroll --help

fprintd-enroll [OPTIONS] [USER]

-f, --finger finger_name
    Specifies which finger to enroll (e.g., 'left-thumb', 'right-index', 'left-middle'). This helps label the enrolled fingerprint for easier management.

-u, --user username
    Specifies the user account for which the fingerprint should be enrolled. If omitted, the command typically defaults to the current logged-in user.

-d, --device device_path
    Selects a specific fingerprint device to use if multiple are available. The path can usually be obtained from fprintd-list-devices.

-v, --verbose
    Increases the verbosity of the output, displaying more detailed information about the enrollment process, which can be useful for debugging.

--force
    Overwrites any existing fingerprint data for the specified finger and user without prompting for confirmation. Use with caution.

-h, --help
    Displays a brief help message including usage instructions and a list of available options.

fprintd-enroll is a command-line utility used to enroll a new fingerprint into the fprintd (Fingerprint Daemon) service. It acts as an interface between the user and the daemon, facilitating the capture of biometric data from a connected fingerprint scanner. During the enrollment process, the user is typically prompted to repeatedly place or swipe their finger on the sensor until sufficient data is collected for accurate and reliable recognition.

This tool is fundamental for setting up biometric authentication on Linux systems, enabling users to log in, unlock their screen, or perform privileged operations using their enrolled fingerprints instead of traditional password-based authentication. It ensures the captured fingerprint data is securely processed, stored, and managed by the fprintd daemon for future verification.

fprintd-enroll requires the fprintd (Fingerprint Daemon) service to be running and properly configured.
Enrolling fingerprints, especially for other users or for system-wide authentication, typically requires elevated privileges (e.g., root access or appropriate Polkit authorization).
The success and quality of enrollment are highly dependent on the specific fingerprint sensor hardware and the installed libfprint drivers.
User interaction (repeatedly touching/swiping the finger) is mandatory throughout the enrollment process.

The command is highly interactive. Once executed, it will guide the user through a series of steps, prompting them to place their finger on the scanner multiple times from different angles until enough data is captured to create a comprehensive biometric template.

To enroll a fingerprint, especially for another user or if not running as root, a Polkit authentication prompt will typically appear. This prompt requires the user to authenticate themselves (e.g., with their password) to grant fprintd-enroll the necessary privileges to modify fingerprint data managed by the daemon.

fprintd-enroll is an integral part of the fprintd project, which was initiated to provide a standardized D-Bus interface for various fingerprint readers on Linux and a robust framework for integrating biometric authentication into system services. Its development has progressed alongside the evolution of the underlying libfprint library, aiming to offer broader hardware support and improved reliability for fingerprint authentication on open-source platforms.

fprintd(8), fprintd-list-devices(1), fprintd-verify(1), fprintd-delete(1), pam_fprintd(8)