Booting and login - why are users not logged in automatically?
Dustin Kirkland
kirkland at ubuntu.com
Wed Mar 24 16:48:37 UTC 2010
On Wed, Mar 24, 2010 at 10:10 AM, Didier Roche <didrocks at ubuntu.com> wrote:
> Le mercredi 24 mars 2010 à 10:20 -0400, Phillip Susi a écrit :
>> On 3/24/2010 10:13 AM, Alan Pope wrote:
>> > That still wont guarantee access to user files. If you use ecryptfs
>> > (the default encryption system for /home on Ubuntu live CDs) then even
>> > having physical access won't give you immediate access to files in the
>> > user home directory.
>>
>> I didn't think auto logon was an option if you were using encryption...
>> at least it's a very bad idea since it defeats the purpose of encryption
>> in the first place. Most people don't use that though, so...
>>
>
> There is only 3 cases (if you think about home encrypted directory
> covered in ubuntu installation, not other stuff like entirely encrypted
> partition as it assumes you will have to enter a passord in any case, so
> out of scope):
> - no autologin and no encrypted home: default desktop, makes sense. But
> if someone has a physical access to your machine, you're screwed.
> - autologin and no encrypted home: case of default ubuntu netbook
> installation. Well, you're also screwed as in case #1 if someone has a
> physical access to the machine.
> - no autologin and encrypted home: you're safe. Maybe should be the
> default on netbook? Too late for changing that in lucid in my opinion.
> Can be discussed for +1
>
> autologin and encrypted home: epic fail. Don't work as the password is
> used to decrypted home with ecryptfs. :)
> I'll add a check in the following days in gdmsetup to avoid setting an
> user using encrypted home as default.
Didier's analysis here is accurate (except that any discussion of
using encryption by default will be riddled with argument and
flamewars and I want no part of that).
When we designed and added the 3rd option
(require-password-and-encrypt) to the first two (auto-login,
require-password), the idea was to provide 3 levels of security,
defaulting to the middle one.
* auto-login
- easy, simple, totally insecure which may not matter to everyone
* require-password
- traditional unix/linux/windows/mac login procedure, a bit of
additional security, allows for multiple users
* require-password-and-encrypt
- no more difficult than require-password, but highly secure data
protection, requires the user record or escrow an additional
passphrase, costs a minor bit of extra CPU usually non-noticeable
I think the radio button is in the correct location for now, and users
can either lower their security or raise it depending on their use
case. Some netbooks/laptops never leave home and thus don't need
additional security. Others travel the world and hold confidential
information. Select the option that makes the most sense for you!
:-Dustin
More information about the Ubuntu-devel-discuss
mailing list