One fingerprint.
Every authentication.

Wireless biometric key for macOS & Linux developers. Screen unlock, sudo, SSH signing, OTP — all with one touch.

terminal

742 developers waiting

What it does

One device. Every authentication.

SSH / Git signing

Push commits signed with your fingerprint.

$ ssh git@github.com

⠋ Waiting for fingerprint...

✓ Authenticated as katsu

sudo / PAM

Replace sudo passwords with a touch.

$ sudo apt upgrade

⠋ immurok: verify fingerprint...

✓ Password accepted

OTP

TOTP codes, right from the terminal.

$ immurok otp github

⠋ Touch sensor...

✓ 847 291 (expires in 12s)

Screen unlock

Lock screen → touch → unlocked.

katsu

✓ unlocked

API keys + Quick Fill

Paste secrets with biometric guard.

$ immurok get api OPENAI_KEY

⠋ Verify fingerprint...

✓ Copied to clipboard (8s)

How it works

1

Turn on & pair

Power on the device. BLE auto-pairs with your Mac or Linux machine. Fully wireless — USB-C is only for charging. One-time setup, no drivers.

2

Enroll your fingerprint

Touch the sensor 6 times to register a finger. Templates are stored on-device — never uploaded anywhere.

3

Authenticate everything

SSH, sudo, screen unlock, OTP, API keys — one touch for all of them. Works even when the screen is off.

Why immurok

	immurok	Touch ID Keyboard	USB Fingerprint
macOS	✓	✓	✗
Linux	✓	✗	✗
Windows	✗	✗	✓
Wireless	✓ BLE	✓	✗
SSH Agent	✓	✗	✗
sudo / PAM	✓	✓ macOS only	✗
OTP / TOTP	✓	✗	✗
Open source	✓ App + API	✗	✗
Price	$59	$199	$30–50

USB fingerprint readers unlock your screen.
immurok authenticates your workflow.

Fork it. Hack it. Ship it.

Open-source apps, open device API. Vibe code your own features — or just read ours.

Device API

BLE GATT

Full protocol docs — build your own client

macOS App

Swift

Menu bar app + PAM integration

Linux PAM

C

PAM module for sudo & login

# Want immurok to lock your screen when you walk away?

# The BLE RSSI is already exposed.

# Write a 20-line Swift script.

$ git clone https://github.com/mkatsu/immurok

View on GitHub

Trust, but verify.

Security by design, not by obscurity.

Private keys never leave the device

Fingerprint templates and cryptographic keys are stored on the CH592F chip. Nothing is transmitted or stored on your computer.

No cloud. No account. No telemetry.

Zero network calls. Zero analytics. The device works entirely offline via BLE — no internet connection required, ever.

Signed firmware updates

OTA updates are verified with HMAC-SHA256. The device rejects any firmware not signed with your key.

Open & auditable

macOS app, Linux PAM module, and the complete device API are open source. Audit it yourself or have your security team review it.

Don't trust us. Read the source. →

Specs

MCU	WCH CH592F (RISC-V)
Fingerprint sensor	ZW3021 capacitive
Connectivity	BLE 5.4
Battery	LiPo 300mAh (USB-C charging)
Battery life	~3 months standby
Dimensions	52 × 32 × 12 mm
Weight	38g (Developer) / 63g (Pro)
Compatibility	macOS 13+ / Linux (BlueZ 5.50+)

Get early access

Launching on Kickstarter · 2026

Developer Edition

$59

Polycarbonate shell
38g · Matte black

✓ BLE 5.4 wireless
✓ ZW3021 fingerprint sensor
✓ USB-C charging
✓ Open-source app & API

Popular

Pro Edition

$89

CNC aluminum shell
63g · Anodized finish

✓ Everything in Developer
✓ CNC aluminum body
✓ Premium anodized finish
✓ Heavier, desk-stable