Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
06-18-2006, 07:54 AM
|
#1
|
LQ Newbie
Registered: Jun 2006
Posts: 3
Rep:
|
user name and password is anoying
Hello all, Is there a way to get rid of the username and password login screen at startup using ubuntu? Did I have to do something on install to not get it all the time? I am willing to reinstall if necessary.
Thanks.
|
|
|
06-18-2006, 08:36 AM
|
#2
|
Senior Member
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
|
Go to menu System->Administration->Login Window. On the Security tab you can set automatic login.
|
|
|
06-18-2006, 08:40 AM
|
#3
|
LQ Guru
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
|
That is damn funny! Even Windoze has login requirements.
You may think at home it doesn't matter but you never know when you'll have a visitor that knows more about computers than you. They might decide to find out all sorts of things about you while you're in the restroom. If you think friends and family don't snoop put some medicine labled "For HIV control" in your medicine cabinet and see how long it takes for everyone you know to think you have AIDS.
Also of course if your computer is stolen losing the hardware would suck but losing the private information you may have stored would be even worse.
|
|
|
06-18-2006, 08:51 AM
|
#4
|
Senior Member
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
|
Quote:
Originally Posted by jlightner
Also of course if your computer is stolen losing the hardware would suck but losing the private information you may have stored would be even worse.
|
The login screen provides no protection for the data, and is trivially bypassed. For data protection, you need an encypted filesystem or strong file encryption.
|
|
|
06-18-2006, 11:34 AM
|
#5
|
LQ Guru
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
|
"no protection" I disagree. Sophisticated people can steal the data but your average burglar wouldn't know how to do so.
|
|
|
06-18-2006, 11:48 PM
|
#6
|
Senior Member
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
|
Quote:
Originally Posted by jlightner
"no protection" I disagree. Sophisticated people can steal the data but your average burglar wouldn't know how to do so.
|
If by sophisticated, you mean people that are able to search Google, or even this forum (or almost any Linux forum), I agree. Bypassing the login is one of the most commonly asked questions: "I lost my root password". The procedure is in most Linux FAQs.
|
|
|
06-19-2006, 07:11 AM
|
#7
|
LQ Newbie
Registered: Jun 2006
Posts: 3
Original Poster
Rep:
|
Thanks for the answer. [moderator edit]. All I wanted was a simple answer and got it.
Last edited by unSpawn; 06-19-2006 at 07:31 AM.
Reason: //sentence removal
|
|
|
06-19-2006, 09:30 AM
|
#8
|
LQ Guru
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
|
One of the things I'll never understand is the "if there is already a hole why not go ahead and make another one" reasoning in security arguments. Imagine if you had a dam that had a 3 inch hole in it that was gushing water. Using the same logic there should be no harm in opening another 3 inch hole (or even a 3 foot hole) as we're already leaking water so what does it matter?
There is no such thing as perfect security. This does not mean one shouldn't plug the holes they see (especially the simple ones as EVERYONE sees them). Security is about hardening the target.
Just as a lock on your front door doesn't prevent determined thieves login passwords don't prevent determined hackers. The adage about locks is they are "to keep honest people honest" and much the same can be said about login passwords. If you feel you don't need a login password then I'll assume you don't bother to lock your front door either.
|
|
|
06-19-2006, 10:02 AM
|
#9
|
Member
Registered: Mar 2004
Posts: 135
Rep:
|
Quote:
Originally Posted by jlightner
That is damn funny! Even Windoze has login requirements.
You may think at home it doesn't matter but you never know when you'll have a visitor that knows more about computers than you. They might decide to find out all sorts of things about you while you're in the restroom. If you think friends and family don't snoop put some medicine labled "For HIV control" in your medicine cabinet and see how long it takes for everyone you know to think you have AIDS.
Also of course if your computer is stolen losing the hardware would suck but losing the private information you may have stored would be even worse.
|
Lots of users just do not care about so-called security. As for physical attacks, they assume that their friends will not abuse and the strangers do not have access.
|
|
|
06-20-2006, 08:00 AM
|
#10
|
LQ Newbie
Registered: Jun 2006
Posts: 3
Original Poster
Rep:
|
macemoneta, My apologies to the group.
|
|
|
06-20-2006, 05:01 PM
|
#11
|
Member
Registered: Nov 2005
Posts: 144
Rep:
|
All this Newbie bashing is pointless.
Security is always a tradeoff between costs and benefits. Of course you could put a lot of effort into making your computer as secure as possible. But you would probably end up with a system which would be a major hassle to use. Sensible users will analyse the threats and their personal needs and adjust their security measurements accordingly.
If you have a computer in a (semi-) public place, a login password is a good idea. If the comnputer is in your home, and you have no nosy children/mother in law/insert name here, then a login password might be expendable. Let's just analyse which attacks a login password could protect you against:
a) snooping flatmates
b) data-mining burglars
c) visitors who "might decide to find out all sorts of things about you while you're in the restroom."
Scenario a) is probably the most common. But just maybe you trust your flatmates, keep no secrets from your wife or you live alone - then there's no danger there.
Scenario b) is quite ridiculous. If there is a burglar in my house with enough time to poke around my computer, I have worse problems. Instead of booting up my computer to read my personal emails, he could decide to rummage in my drawers to find the jewelry, look for my bankbook or find my financial files which are stored in some cupboard in the study. In either case, he would have a higher rate of success.
And if he's really after private data, he would probably just unplug my hard disk (or rather, steal the whole computer) and search it later off-site. Such a burglar would be savvy enough to bypass such simple restrictions as login passwords.
Scenario c) is not very realistic either. It would take quite a long visit to the restroom if someone would want to boot up my computer and still have some time to search for interesting files. Instead, my snooping visitor could skim my desk, look through my medicine cabinet while he's in the bathroom or search my drawers, where my secret love letters are hidden quite unencrypted.
Of course, your own security situation might be different. In that case, login passwords or even better security measures might be appropriate. (My on home folder is stored on an encrypted partition, btw.) If you value added security more, typing in a good login password everytime might be a worthy tradeoff. But decrying other people's security decisions just because they're different from yours or the linux standard does not make much sense.
|
|
|
All times are GMT -5. The time now is 03:53 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|