Can GDM allow passwordless logins for specified users, in Ubuntu?

Eric Dunbar eric.dunbar at gmail.com
Sun Dec 12 23:36:47 UTC 2004


> > Sorry I cannot offer a HOWTO, but I do want to suggest a point of
> > consideration. Ubuntu uses "sudo" for administration with no root
> > password by default. I'm not sure that removing the user password would
> > be such a good idea. I suppose you could create a root password and then
> > go about using the method you described.
> >
> > I hope someone has a better anwser to your problem, I just wanted to
> > discourage you from removing the only password on your system if root
> > has no password (which it does not by default).
> 
> Agree mostly Khad - I don't feel happy with the idea of removing
> passwords from users given the approach Ubuntu has chosen.  It would be
> much better to find a way of keeping user's passwords, but just have GDM
> not ask for them for certain users if logging on locally. Just like KDM
> can be configured to behave.

IIRC all new accounts created by the first account are NOT in the
sudoers list so having a passwordless user ought not be a security
hazard and is an alternative to having to have an auto-login.

While I think of it...

Ubuntu ought to make sure that they do what Mac OS X does (or
something like it) (a *nix that uses sudo instead of root): to be able
to install any form of upgrade you have to have a password that
conforms to a minimum security level (this could be implemented
through apt-get or synaptic if it already isn't). Of course, since
this is OSS those with sufficient knowledge could turn this off, but
it's useful to introduce good security discipline to less experienced
users.

Eric.




More information about the ubuntu-users mailing list