LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Debian (https://www.linuxquestions.org/questions/debian-26/)
-   -   Auto-login without password (KDM) help (https://www.linuxquestions.org/questions/debian-26/auto-login-without-password-kdm-help-4175519760/)

fixer1234 09-22-2014 05:52 PM

Auto-login without password (KDM) help
 
I'm using Kwheezy 1.5, 64 bit (KDE/Debian Wheezy), as the only user on a home system. I want to boot up without a login.

The system settings include the ability to configure the KDM login manager. Under the Convenience tab, There are settings to enable auto-login and password-less logins. According to the Help instructions, there should be a list of users in the password-less login window that can be selected. That window is empty, as is the pull-down list of users under Enable Auto-Login. Administrator (me, user with regular priviledges) is listed as the only name in the Specified user pull-down list under Preselected User for Auto-Login. In the User tab of the login manager, no users are listed, including Administrator. These configuration screens are set up by default to be accessed from the system settings without root privileges.

I've found some other threads that deal with how to manually configure password-less login, but they all deal with other cases (CLI, other window managers, etc.), where there was no built-in provision for configuring this.

Any suggestions for what might be causing the login manager to not behave as described and how to make it work?

mpyusko 09-23-2014 09:55 AM

This would be an insecure idea. however it is possible. In KDE, go into System Settings, Login Screeen, then the Convenience tab. The section Enable Auto-Login allows you to select the user.

You could also replace starting kdm in the boot process with sudo -u <user> startx

fixer1234 09-23-2014 12:13 PM

Thanks for the reply. The system settings route is what doesn't work. No users are shown.

I'm fairly new to Linux and still hesitant about making system changes when I don't fully understand the ramifications. I would prefer to get the built-in tools to work. This seems like something that wouldn't slip through Debian's testing process as a bug and I don't find other people reporting the same issue.

mpyusko 09-23-2014 01:16 PM

Ok. Well as I am sure many others will tell you, it is a bad idea, very insecure idea, to have auto-login enabled. One of the reasons why Linux is so stable and secure is it's user/privilege based architecture. If you are this new to Linux, then I suggest waiting a decade or two before considering automating login or otherwise circumventing designed protections. I have been using Linux for more than 10 years and I'm the only user on my computers but I still login each time it boots. It's Linux.... It's how we do.

fixer1234 09-23-2014 01:50 PM

In a secure home environment with no other users, what does the manual login buy you? If you auto-login to the same user account, don't you arrive at the same point once the system is running?

Mr Marmmalade 09-25-2014 06:19 PM

It is strange that it shows no users, I enable that feature on my previous Debian system (I'm currently on Slackware), but I've reinstalled my Wheezy system multiple times & never seen that*. My system would have a root user & the normal user, the normal user would always show in that list. Are you running X as root or something odd (I'm not sure Debian even allows that)?

Try loading the login screen manager by searching for 'login' on the KDE start menu rather than through the System Settings panel, it may prompt for root password straight away & then provide you with more options than you're currently seeing.

*I have seen related issues with it in Jessie where the root login fails; it didn't prompt for password & just went straight to authentication failure, hence I couldn't setup auto-login or do system updates! Actually I think I may have had issues with there being no way to apply it in Wheezy because there was no way of logging into the screen as root (I think this is why I worked around it via loading the screen via start menu search).

I hope that helps.

fixer1234 09-26-2014 11:12 AM

Thanks for the reply. Good thought on trying from the start menu but no cigar--same situation. I haven't tinkered with system settings other than what is available as normal customization through the system settings panel. I'm actually running Kwheezy, which is a bundle designed to appeal to Windows users. Perhaps the developers figured that this audience needs to be protected from itself and disabled this feature. Maybe the next step would be to contact the developers or report it as a bug.

Mr Marmmalade 09-26-2014 11:30 AM

I was using the KDE version of Wheezy debian-7.6.0-amd64-kde-CD-1.iso

fixer1234 09-26-2014 11:58 AM

Interesting. That is an official Debian distro. I believe Kwheezy is a third party distro. It differs by including an extensive software collection and drivers collection, including a lot of non-free drivers, and some utilities not normally bundled with Debian that are more user friendly. It's targeted at Windows users and overcoming some of the characteristics of Debian that make it rough around the edges for newcomers to Linux. It's sort of like Mint with extra software, but based on Debian stable, like a souped up SolydK business version.

Mr Marmmalade 09-26-2014 02:05 PM

I'd recommend going for the real thing rather than a spin-off distro, I've neaver heard of KWheezy, but maybe its good also. More people on this forum will then be able to help if you need any - although I would expect it to mostly be the same. :)

fixer1234 09-26-2014 06:11 PM

I had tried the real deal but there were too many things that required manual intervention to get it set up. I'm a Windows wuss and not yet proficient at non-gui Linux. I moved from Mint to Kwheezy because there were many problems with applications from the Ubuntu source. Other than this login problem, which is just an annoyance, everything in Kwheezy worked perfectly out of the box, including software that didn't work from Ubuntu origins. They did a great job of pre-configuring everything.

widget 09-26-2014 10:33 PM

As long as you continue to play with respins by people that do not fully understand the Linux system or don't approve of security you will run into all sorts of problems.

Passwordless log in is simply insecure and stupid. Don't do it.

I am also very worried by your user; "Administrator" which is usually used to indicate root privileges. You really don't want to go there.

Yes I realize a lot of MS users do this. Gee I wonder why they have problems you see all over the web? You can get in a lot of trouble running things like web browsers as root.

When you log in to a real Linux system without a password you will end up giving it more than once probably to do some very normal things that you would have the permission to do if you had identified yourself so that the system, not the gui DE, knows exactly who you are. This is not possible to do without following the correct protocol for loging in.

You are not alone with your box. You are obviously connected to the internet. If you read this the entire server(s) for LQ are there with you.

I ran MS for years, starting with MSDos. We didn't need a password for MSDos. It didn't connect to anything anyway and booted from a floppy.

Once Bill and his buddies decided that the web might catch on and came out with Windows you had a password unless you stupidly disabled it. My 76 year old mother in law has more sense than to do that.

If you want a no security system go to Windows and buy at least 2 damned good AV programs and a separate spyware program and run them at least twice a day.

If you want a secure system use a damned password like a big boy.

fixer1234 09-27-2014 01:09 AM

Thanks for your reply. I wouldn't put Kwheezy in the respin boat you described. This thread was triggered by it not letting me bypass security.

I chose administrator as a user name. It is a regular user account, not root (unless I inadvertently selected a reserved name that Linux assumes is more than a regular user?). I understand that using root as your normal user account is nuts and auto-login to root is even more nuts.

From everything I've been able to research, my understanding is that auto-login pre-selects the user account to skip the user selection menu, and passwordless login does nothing more than start the display manager (KDM or GDM), without entering a password. After that, the system is in the same state it would be if you manually logged in through KDM. Everything I've read seems to indicate that anything that would require a password after manual login will still require a password; it doesn't open any backdoors or affect permissions. If I've misunderstood what I've read, I certainly need to reassess. Are you saying that setting up passwordless login via the KDM login manager affects things other than starting the desktop?

You also raised the reverse issue, that I could end up with additional requests for passwords. I'm not sure whether you were referring to logging in through KDM rather than a non-gui process, or bypassing login password entry in KDM. What kinds of things might I run into that would ask for a password that I would otherwise have permission to do?

If you were suggesting that a gui DE is not a "real Linux system", that's not an important distinction for me. I'm happy with imitation vinyl laminate veneer Linux as long as it works. I'm too spoiled by gui to go back to CPM and a terminal (I would also prefer not to service my own car or hunt my own meat). :-)

replica9000 09-28-2014 10:25 AM

You could edit /etc/kde4/kdm/kdmrc, and change these lines.

Code:

AutoLoginEnable=false (May also appear as #AutoLoginEnable=True)
AutoLoginUser=<insert-your-user-name-here>

I have done this on my laptop, but the HDD also has to be decrypted before the log in screen appears. Also the password is still required when the screen in locked.

fixer1234 09-28-2014 11:10 AM

I looked at that configuration file. A few excerpts:

[X-*-Core]
AllowNullPasswd=false

[X-:*-Core]
AllowNullPasswd=true
NoPassEnable=true
NoPassUsers=

[X-:0-Core]
AutoLoginEnable=true
AutoLoginLocked=false
AutoLoginUser=

I'm not sure what I'm looking at. I assume the colon in the section label means something; it's the only difference between two conflicting entries that appear to relate to passwordless login. The autologinenabled line you mentioned is set to true. I excluded a line here that shows me as the default user. There is no user name in the autologinuser line, but I'm the only user so the system does pre-enter my user name on the login screen. It would be great if there was a user manual for these configuration files.


All times are GMT -5. The time now is 11:58 AM.