Allowing passwordless login via GDM
Milan
nalimilan at club.fr
Fri Feb 23 14:16:23 UTC 2007
I'm not tying to make a troll in any way, and I'm sorry if this subject
is fulling the list with useless arguments. And I don't think neither
that we should compare Linux to Windows: what I propose is really far
from ActiveX, and I will castigate anyone intending to create this for
Linux.
But you're mistaking on my proposal. I just ask to allow *GDM* to skip
password check, just like it *currently does* with autologin.
First, this is just an extension of autologin system, so if my idea is
dangerous, we have to remove automated connexion feature from GDM
immediately.
Second, you can't connect to a passwordless account via ssh, vnc or
others because it's disabled by default. As Jan Claeys said,
PermitEmptyPasswords setting for sshd is "no" by default, and this is a
good thing.
Third, I don't ask to use passwordless accounts, which are currently to
only way to connect without typing anything, and which are weak
Ĺ“conerning security. With my proposal, your argument is no valid at all,
since the account is using a password, and more, a *good* password,
since the user hasn't to type it every minute. Think that many users
want to use a simple, short, and maybe easy to remember/find (firstname,
account name...) because they have to type it often. And I don't speak
of empty passwords you are encouraged to set manually.
wattazoum, your criticism is really far from reality, because in
addition of all this, openssh server is not installed be default,
portmap doesn't allow WAN computers to connect to port 22, nor any other
port. You currently have to hack the config files to enable it.
I would like this topic to be constructive, not only a sterile argument.
But it seems nobody is taking seriously the problem and its implications.
Again, I'm sorry if this is taking space in the mailing list with no
interest at all. But I'm surprised of the reaction.
Milan
More information about the Ubuntu-devel-discuss
mailing list