I hope this is the right forum, the security forum might emphasize security while this post is to ask about emphasizing *ease of use*. Because of the technical questions, the newbie forum seemed inappropriate.

Newbies coming from that other OS (9x and home versions), and who are not much concerned about security, find being asked to type the root password for every administrative task a real burden. Some users have a personal philosophy that a persistent, skilled cracker can get into his computer anyway, so why place the extra burden of 2 passwords on the user.

I am aware of autologin, sudo in Ubuntu/Kubuntu, and the (less secure) possibility of short passwords. There is also the (less secure) possibility of using the same password for user and root.

Gnome gksu allows keeping root password for admin tasks, and reminds user with a message whenever ANY new admin task is started. Kdesu seems to have a similar function but only applies it to the SAME task - a DIFFERENT admin task requires typing the root password yet again.

Is it possible to make kdesu behave like gksu, or somehow "substitute" gksu for kdesu in the KDE destop?

What other ways are there to make GNU/Linux/KDE "REALLY EASY" for a user who hates typing passwords?

Thanks in advance.
Dave

Well, you can set up sudo to allow user(s) to run commands as root without having to type in a password. Also keep in mind that sudo asks for the user's password, not root's password, which addresses one of your original concerns (having to remember/type in two different passwords).

You could create "launchers" or menu items that execute scripts to perform sudo-enabled common tasks. There's absolutely nothing wrong with writing a collection of sudo-enabled scripts to do things like mounting devices, starting services, adding/removing software, etc. Some may argue there are cleaner/more elegant ways, but it's your system; run it the way you want--even if that means running as (gasp!) root. There will be some roadblocks (some software won't run if it's executed as root - which is unnecessarily "parental" in my opinion). It would be my hope that you would eventually return to regular user methods.

I'm sure someone will come along and give the "proper security" lecture (especially since I had the audacity to mention running as root is an option), but I get the impression you are already aware of it.

I would like to point out though, that the way things are "supposed" to work is that you fight with administrative stuff (i.e. passwords) only so long as it takes to get your system the way you like it. Then, when it's properly set up, you should rarely need root access. If you're still tinkering/experimenting, the passwords are just a necessary evil so to speak.

I honestly don't know about the gksu or kdsu internals. So I don't know if the sudo method above will have any effect on them. If not, you will be forced to run your password-less sudo commands from the commandline.

Security and convenience always compete. In windows or linux, you can't have absolute convenience and absolute security at the same time. Windows aims for absolute convenience, but is a security mess. Linux is secure because security has a higher value than convenience.

Almost all my passwords I can type with my left hand alone. Plus I try to construct them in a way that I can type them in a split second... I still think they are safe enough - I mean it's not "water" - it's just numbers and letters. - so when the password prompt comes up, it doesn't really bother me. It doesn't take more time than clicking "confirm" or "trust" or something.

Another option is to research and buy a fingerprint reader. My new laptop came with one, and it works (sort of) in Windows. It has been reported to work in linux. I havent taken the time to configure it, but it holds promise: Swipe your finger, no passwords to rememeber...

Better you bite the bullet and get used to a secure administrative password. The reason Winows viruses spread so quickly is that its users have been taught to operate their PCs in administrative mode. People who switch to Linux should follow the established, and secure, policy rather than try to change it.

Thank you all for taking the time to comment. I like the time-saving idea of a one-handed password, leaving the other hand on the mouse. The idea of setting up sudo to allow user(s) to run commands as root without having to type in a password enabled me to stumble across a partial solution in Kubuntu 7.04.

While setting up user autologin, the same screen allows setup of "no password required for" user. Then user just clicks OK or hits enter, without typing password, when doing admin tasks. The setup screen cautions that help should be read; the help screen gives the appropriate warning about reduced security. IMHO a user who hates repeatedly typing password is safer in a reduced-password-effort Kubuntu, than in windoze 9x or home.

However, I still prefer Gnome gksu where user has to type password once, then "keep password", and then gets a polite reminder at startup of each admin task. Unfortunately the user prefers KDE. Now if only kdesu could be made to behave like gksu in Mepis and Debian KDE...

BTW Mepis 6.5 has an amusing warning on the desktop when someone logs in as root!

Thanks again,
Dave

You don't say what the 'partial' solution is, but anything associated with running commands via a passwordless sudo is a terrible idea.

The whole point of permissions and access systems is to limit the damage that can be caused. If you setup commands to be run via sudo with no password, then anything malicious can be run via sudo, and execute as root, with no intervention from yourself (albeit generalised, as you often have to give a script etc. execute permissions), completing invalidating the permission security model.