LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-18-2006, 07:54 AM   #1
eciffint
LQ Newbie
 
Registered: Jun 2006
Posts: 3

Rep: Reputation: 0
Question user name and password is anoying


Hello all, Is there a way to get rid of the username and password login screen at startup using ubuntu? Did I have to do something on install to not get it all the time? I am willing to reinstall if necessary.
Thanks.
 
Old 06-18-2006, 08:36 AM   #2
macemoneta
Senior Member
 
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
Blog Entries: 2

Rep: Reputation: 344Reputation: 344Reputation: 344Reputation: 344
Go to menu System->Administration->Login Window. On the Security tab you can set automatic login.
 
Old 06-18-2006, 08:40 AM   #3
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669
That is damn funny! Even Windoze has login requirements.

You may think at home it doesn't matter but you never know when you'll have a visitor that knows more about computers than you. They might decide to find out all sorts of things about you while you're in the restroom. If you think friends and family don't snoop put some medicine labled "For HIV control" in your medicine cabinet and see how long it takes for everyone you know to think you have AIDS.


Also of course if your computer is stolen losing the hardware would suck but losing the private information you may have stored would be even worse.
 
Old 06-18-2006, 08:51 AM   #4
macemoneta
Senior Member
 
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
Blog Entries: 2

Rep: Reputation: 344Reputation: 344Reputation: 344Reputation: 344
Quote:
Originally Posted by jlightner
Also of course if your computer is stolen losing the hardware would suck but losing the private information you may have stored would be even worse.
The login screen provides no protection for the data, and is trivially bypassed. For data protection, you need an encypted filesystem or strong file encryption.
 
Old 06-18-2006, 11:34 AM   #5
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669
"no protection" I disagree. Sophisticated people can steal the data but your average burglar wouldn't know how to do so.
 
Old 06-18-2006, 11:48 PM   #6
macemoneta
Senior Member
 
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
Blog Entries: 2

Rep: Reputation: 344Reputation: 344Reputation: 344Reputation: 344
Quote:
Originally Posted by jlightner
"no protection" I disagree. Sophisticated people can steal the data but your average burglar wouldn't know how to do so.
If by sophisticated, you mean people that are able to search Google, or even this forum (or almost any Linux forum), I agree. Bypassing the login is one of the most commonly asked questions: "I lost my root password". The procedure is in most Linux FAQs.
 
Old 06-19-2006, 07:11 AM   #7
eciffint
LQ Newbie
 
Registered: Jun 2006
Posts: 3

Original Poster
Rep: Reputation: 0
Thanks for the answer. [moderator edit]. All I wanted was a simple answer and got it.

Last edited by unSpawn; 06-19-2006 at 07:31 AM. Reason: //sentence removal
 
Old 06-19-2006, 09:30 AM   #8
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669
One of the things I'll never understand is the "if there is already a hole why not go ahead and make another one" reasoning in security arguments. Imagine if you had a dam that had a 3 inch hole in it that was gushing water. Using the same logic there should be no harm in opening another 3 inch hole (or even a 3 foot hole) as we're already leaking water so what does it matter?

There is no such thing as perfect security. This does not mean one shouldn't plug the holes they see (especially the simple ones as EVERYONE sees them). Security is about hardening the target.

Just as a lock on your front door doesn't prevent determined thieves login passwords don't prevent determined hackers. The adage about locks is they are "to keep honest people honest" and much the same can be said about login passwords. If you feel you don't need a login password then I'll assume you don't bother to lock your front door either.
 
Old 06-19-2006, 10:02 AM   #9
fedora4002
Member
 
Registered: Mar 2004
Posts: 135

Rep: Reputation: 15
Quote:
Originally Posted by jlightner
That is damn funny! Even Windoze has login requirements.

You may think at home it doesn't matter but you never know when you'll have a visitor that knows more about computers than you. They might decide to find out all sorts of things about you while you're in the restroom. If you think friends and family don't snoop put some medicine labled "For HIV control" in your medicine cabinet and see how long it takes for everyone you know to think you have AIDS.


Also of course if your computer is stolen losing the hardware would suck but losing the private information you may have stored would be even worse.

Lots of users just do not care about so-called security. As for physical attacks, they assume that their friends will not abuse and the strangers do not have access.
 
Old 06-20-2006, 08:00 AM   #10
eciffint
LQ Newbie
 
Registered: Jun 2006
Posts: 3

Original Poster
Rep: Reputation: 0
macemoneta, My apologies to the group.
 
Old 06-20-2006, 05:01 PM   #11
Lotharster
Member
 
Registered: Nov 2005
Posts: 144

Rep: Reputation: 18
All this Newbie bashing is pointless.

Security is always a tradeoff between costs and benefits. Of course you could put a lot of effort into making your computer as secure as possible. But you would probably end up with a system which would be a major hassle to use. Sensible users will analyse the threats and their personal needs and adjust their security measurements accordingly.

If you have a computer in a (semi-) public place, a login password is a good idea. If the comnputer is in your home, and you have no nosy children/mother in law/insert name here, then a login password might be expendable. Let's just analyse which attacks a login password could protect you against:
a) snooping flatmates
b) data-mining burglars
c) visitors who "might decide to find out all sorts of things about you while you're in the restroom."

Scenario a) is probably the most common. But just maybe you trust your flatmates, keep no secrets from your wife or you live alone - then there's no danger there.

Scenario b) is quite ridiculous. If there is a burglar in my house with enough time to poke around my computer, I have worse problems. Instead of booting up my computer to read my personal emails, he could decide to rummage in my drawers to find the jewelry, look for my bankbook or find my financial files which are stored in some cupboard in the study. In either case, he would have a higher rate of success.
And if he's really after private data, he would probably just unplug my hard disk (or rather, steal the whole computer) and search it later off-site. Such a burglar would be savvy enough to bypass such simple restrictions as login passwords.

Scenario c) is not very realistic either. It would take quite a long visit to the restroom if someone would want to boot up my computer and still have some time to search for interesting files. Instead, my snooping visitor could skim my desk, look through my medicine cabinet while he's in the bathroom or search my drawers, where my secret love letters are hidden quite unencrypted.

Of course, your own security situation might be different. In that case, login passwords or even better security measures might be appropriate. (My on home folder is stored on an encrypted partition, btw.) If you value added security more, typing in a good login password everytime might be a worthy tradeoff. But decrying other people's security decisions just because they're different from yours or the linux standard does not make much sense.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Help! Cannot Add a User to User Manager or Change Root Password lennysokol Linux - General 2 06-25-2005 10:59 AM
Samba -- XP user can log in to shares but smbclient user always gets password errors ejoe Linux - Software 3 04-18-2005 11:55 AM
what is the command to make a user change their password after creating a new user? naweenio Linux - Newbie 7 01-05-2005 08:07 AM
anoying Firefox download setting powadha Linux - Software 6 11-12-2004 06:36 PM
anoying problem samba + cups + printing ignarus Linux - Networking 0 11-04-2004 11:07 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:53 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration