a tiny script to auto lock and unlock gnome session

85-yubikey-screen-lock.rules

SUBSYSTEM=="usb", ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}="0407", RUN+="/usr/local/bin/yubikeylocker.sh"                                                              
SUBSYSTEM=="usb", ACTION=="add", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", RUN+="/usr/local/bin/yubikeylocker.sh"

yubikeylocker.sh

#!/bin/bash

YUBIKEYID="1234456"
YUBIKEY_CHAL="XXXX"
YUBIKEY_CHALRESP="XXXXXXXXXXXXXXXXXXXXXXXXXXXX"


result=$(lsusb | grep -e "Yubikey")
yubikeyid=$(ykinfo -q -s)

if  $result || [ "$yubikeyid" != $YUBIKEYID ];then
{      
        # multi check for 2 yubikeys, I have  4mini and  4.
        echo "yubikey not found, locking screen now"
        loginctl lock-sessions --no-ask-password
}
else
{
        echo "yubikey  found, now making a challenge"
        yubikeyresp=$(ykchalresp -2 $YUBIKEY_CHAL)
        if [ "$yubikeyresp" == $YUBIKEY_CHALRESP ];then
        {
                echo "verfied"
                loginctl unlock-sessions  --no-ask-password
        }
        else
        {
                echo "failed, it's not my yubikey"
        }
        fi
        
}
fi

# ref https://www.dalemacartney.com/2013/01/14/locking-and-unlocking-the-gnome3-session-with-a-yubikey/