Lock and Unlock from USB disk (pendrive)

I know it's a terribly late answer, just thought it might help future readers. I posted the answer at Locking with USB drive

Well, a module called PAM (Pluggable Authentication module) can be customized to achieve your need. A beautiful article is available on linuxconfig describing this in detail.

The steps are:

1. Install PAM

   $ sudo apt-get install pamusb-tools libpam-usb
   

2. Add USB device to PAM config

   $ sudo pamusb-conf --add-device <my-usb-stick>
   

3. Select your volume and "Y" to save

4. Define user for PAM auth

   $ sudo pamusb-conf --add-user <ubuntu-user>
   

5. Select and "Y" to save

6. Configure PAM

   $ sudo gedit /etc/pam.d/common-auth
   

7. Add the line below and save

   auth    sufficient      pam_usb.so
   

8. Test the PAM auth

   $ su ubuntu-user
   

9. Lock when disconnected

   $ sudo gedit /etc/pamusb.conf
   

10. Modify the block "user" block to look like:

    <user id="ubuntu-user"> 
          <device> 
                  my-usb-stick 
          </device> 
          <agent event="lock">gnome-screensaver-command -l</agent> 
          <agent event="unlock">gnome-screensaver-command -d</agent> 
     </user>*
    

In

/etc/udev/rules.d/

you can write a script

SUBSYSTEM=="usb", SYSFS{idProduct}=="PPPP", SYSFS{idVendor}=="VVVV", RUN+="/usr/sbin/usb-locking"

where PPPP and VVVV are values you can extract with lsusb.

Every identic product will match, but usb-locking could mount the device, and look at the drive itself for further legitimation - some file, some bytecode in there, the date ...

It's vulnerable if somebody else get's access to the stick, of course.

The script could further look every minute, whether the stick is still mounted, and lock if not.

Thanks for your suggestion.. I wrote a simple script utilizing the lsusb command and put in system -> preferences-> startup applications. The script is as follows..

#!/bin/sh
# Script to automatically lock and unlock the computer when my usb pendrive is removed

LSUSB=`which lsusb`

if [ -z $LSUSB ]; then
    echo "No lsusb command found. exiting.. \n"
    exit 56
fi


while :
do
    sleep 3
    echo "Running in loop"
    # Check the USB drive

    USB=`lsusb | grep Logitech`

    if [ -n "${USB}" ] ; then
        echo "USB Device: Transcend found"
        # find and kill any screensaver found.
        gnome-screensaver-command --deactivate
        continue
    fi

    # USB Device Not Found
    # Check if screensaver is running or not
    # if not running then start screensaver
    gnome-screensaver-command --activate


done

exit 0