diff --git a/kbd-2.4.0-11.el9.src.rpm b/kbd-2.4.0-11.el9.src.rpm
new file mode 100644
index 0000000..ba167c5
Binary files /dev/null and b/kbd-2.4.0-11.el9.src.rpm differ
diff --git a/kbd-2.4.0-vlock-add-prompt-option.patch b/kbd-2.4.0-vlock-add-prompt-option.patch
new file mode 100644
index 0000000..e3d9db9
--- /dev/null
+++ b/kbd-2.4.0-vlock-add-prompt-option.patch
@@ -0,0 +1,84 @@
+diff -up kbd-2.4.0/src/vlock/auth.c.orig kbd-2.4.0/src/vlock/auth.c
+--- kbd-2.4.0/src/vlock/auth.c.orig	2018-06-08 12:20:10.000000000 +0200
++++ kbd-2.4.0/src/vlock/auth.c	2024-09-09 11:28:02.001003452 +0200
+@@ -91,6 +91,12 @@ int get_password(pam_handle_t *pamh, con
+ 		}
+ 		fflush(stdout);
+ 
++		if (prompt) {
++			printf(_("Press ENTER to continue.\n"));
++			fflush(stdout);
++			(void )getchar();
++		}
++
+ 		/*
+ 		 * No need to request a delay on failure via pam_fail_delay(3):
+ 		 * authentication module should do it for us.
+diff -up kbd-2.4.0/src/vlock/parse.c.orig kbd-2.4.0/src/vlock/parse.c
+--- kbd-2.4.0/src/vlock/parse.c.orig	2019-06-25 11:41:55.000000000 +0200
++++ kbd-2.4.0/src/vlock/parse.c	2024-09-09 11:28:02.001003452 +0200
+@@ -39,6 +39,13 @@
+  */
+ int o_lock_all;
+ 
++/*
++ * This determines whether there will be prompt before invoking pam
++ * auth stack.
++ * 0 means no, 1 means yes.
++ */
++int prompt;
++
+ const char *
+ locked_name(void)
+ {
+@@ -65,6 +72,8 @@ show_help(void)
+ 	         "       switch to other virtual consoles.\n"
+ 	         "-a or --all: lock all virtual consoles by preventing other users\n"
+ 	         "       from switching virtual consoles.\n"
++                 "-p or --prompt: wait for keypress before invoking pam auth stack,\n"
++                 "       useful for unlocking with smartcard setup.\n"
+ 	         "-v or --version: Print the version number of vlock and exit.\n"
+ 	         "-h or --help: Print this help message and exit.\n"),
+ 	       progname, progname);
+@@ -76,13 +85,14 @@ void parse(int ac, char *const av[])
+ 	static struct option long_options[] = {
+ 		{ "current", 0, 0, 'c' },
+ 		{ "all", 0, 0, 'a' },
++		{ "prompt", 0, 0, 'p' },
+ 		{ "version", 0, 0, 'v' },
+ 		{ "help", 0, 0, 'h' },
+ 		{ 0, 0, 0, 0 },
+ 	};
+ 	int c;
+ 
+-	while ((c = getopt_long(ac, av, "acvh", long_options, 0)) != -1) {
++	while ((c = getopt_long(ac, av, "acpvh", long_options, 0)) != -1) {
+ 		switch (c) {
+ 			case 'c':
+ 				o_lock_all = 0;
+@@ -90,6 +100,9 @@ void parse(int ac, char *const av[])
+ 			case 'a':
+ 				o_lock_all = 1;
+ 				break;
++			case 'p':
++				prompt = 1;
++				break;
+ 			case 'v':
+ 				fprintf(stderr, "%s\n", VERSION);
+ 				exit(EXIT_SUCCESS);
+diff -up kbd-2.4.0/src/vlock/vlock.h.orig kbd-2.4.0/src/vlock/vlock.h
+--- kbd-2.4.0/src/vlock/vlock.h.orig	2017-01-12 22:23:16.000000000 +0100
++++ kbd-2.4.0/src/vlock/vlock.h	2024-09-09 11:28:02.001003452 +0200
+@@ -40,5 +40,12 @@ const char *locked_name(void);
+  */
+ extern int o_lock_all;
+ 
++/*
++ * This determines whether there will be prompt before invoking pam
++ * auth stack.
++ * 0 means no, 1 means yes.
++ */
++extern int prompt;
++
+ /* Copy of the VT mode when the program was started. */
+ extern int is_vt;
diff --git a/kbd.spec b/kbd.spec
index 0c3c245..5b0fdd3 100644
--- a/kbd.spec
+++ b/kbd.spec
@@ -5,7 +5,7 @@
 
 Name:           kbd
 Version:        2.4.0
-Release:        10%{?dist}
+Release:        11%{?dist}
 Summary:        Tools for configuring the console (keyboard, virtual terminals, etc.)
 License:        GPLv2+
 URL:            http://www.kbd-project.org/
@@ -40,6 +40,9 @@ Patch8:         kbd-2.4.0-covscan-fixes.patch
 Patch9:         kbd-2.4.0-setfont-exit-code.patch
 # Patch10: initializes variable (SAST)
 Patch10:        kbd-2.4.0-initialize-variable.patch
+# Patch11: adds vlock option to issue prompt before invokation of pam stack,
+#   RHEL-57034
+Patch11:         kbd-2.4.0-vlock-add-prompt-option.patch
 
 BuildRequires:  gcc, bison, flex, gettext, pam-devel, check-devel, automake
 BuildRequires:  console-setup, xkeyboard-config
@@ -77,17 +80,18 @@ Please note that %{name}-legacy is not helpful without kbd.
 %setup -q -a 1 -a 2
 cp -fp %{SOURCE3} .
 cp -fp %{SOURCE6} .
-%patch0 -p1 -b .keycodes-man
-%patch1 -p1 -b .sparc
-%patch2 -p1 -b .unicode_start
-%patch3 -p1 -b .dumpkeys-man
-%patch4 -p1 -b .sg-decimal-separator
-%patch5 -p1 -b .loadkeys-search-path
-%patch6 -p1 -b .unicode-start-font
-%patch7 -p1 -b .covscan-fixes
-%patch8 -p1 -b .covscan-fixes-pt2
-%patch9 -p1 -b .setfont-exit-code
-%patch10 -p1 -b .initialize-variable
+%patch -P 0 -p1 -b .keycodes-man
+%patch -P 1 -p1 -b .sparc
+%patch -P 2 -p1 -b .unicode_start
+%patch -P 3 -p1 -b .dumpkeys-man
+%patch -P 4 -p1 -b .sg-decimal-separator
+%patch -P 5 -p1 -b .loadkeys-search-path
+%patch -P 6 -p1 -b .unicode-start-font
+%patch -P 7 -p1 -b .covscan-fixes
+%patch -P 8 -p1 -b .covscan-fixes-pt2
+%patch -P 9 -p1 -b .setfont-exit-code
+%patch -P 10 -p1 -b .initialize-variable
+%patch -P 11 -p1 -b .vlock-add-prompt-option
 aclocal
 autoconf
 
@@ -200,6 +204,10 @@ make check
 %{kbd_datadir}/keymaps/legacy
 
 %changelog
+* Thu Jan 09 2025 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.4.0-11
+- Add vlock option to issue prompt before invokation of pam stack
+  Resolves: RHEL-57034
+
 * Tue May 21 2024 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.4.0-10
 - Initialize variable to avoid possible uninitialized use
   Resolves: RHEL-31795