-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/19/2011 03:10 PM, Sid Boyce wrote:
On 19/06/11 19:07, Markus Slopianka wrote:
So, why not change to a manual log in. Why not? It´s more secure in the case, that there´s someone other in your family, who wants to change your files, or just read them (this could be happen.).
The question is not: "Why should we do it?" It´s just "Why *shouldn´t* we do it?" If there is only a single user account present, logging in automatically is better usability.
Better than having the extremely onerous task of entering a few additional keystrokes - I'll have to sleep on that one for a few years.
Autologin allows the system to fully boot up incl. to connect to WLANs and not stop at KDM. During boot one can leave the room.
All that is accomplished in runlevel 3, so I don't see what great benefit is gained - even life and death surgery has to wait until the ambulance has arrived, patient transported to theatre and the surgeon scubs up, dons his apron and gloves and considers how to proceed.
Not with NetworkManager enabled, which depends on the applet for per-user configuration.
If more than one account is created, the account manager should ask to disable autologin.
Seriously, you are just a corner case and corner cases like you can be bothered to untick a little checkbox once. If you really want that rudimentary security, a way better option is to enable autologin but then set the option to automatically lock the screen after login. That way the system loads completely (incl. network connections) and your corner case is still solved. No corner case, no significant loss of time, no death resulting and no chance of a malpractice suit. Automatically log in in a work setting and you could lose a promising career. I have had people at work trying to guess my password.
If we're considering workplace-deployed machines as the 'common' case, I think we're off the mark. In environments where many machines are going to be installed with identical systems, imaging and/or autoyast should be used. In that case, it's a simple step to uncheck the box (or do likewise in autoyast) so that it's cleared for all installs.
I went to do some work on a relative's Linux box and needed ssh access to my box at home to download some files if needed. A day later I remembered that ssh was still allowed through my smoothwall firewall box and the logs were full of password cracking attempts. Slack practices breed insecurity.
I'm not sure how this is germane to the discussion. The accounts with autologin aren't passwordless and those defaults are already in lock-down mode. - -Jeff - -- Jeff Mahoney SuSE Labs -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAk4A5zEACgkQLPWxlyuTD7JEzQCeO4rINZDw5q31H6X4LAaR1f6p rCYAn19Cgsq2QkOpfddbKV+wjDjsxBk1 =pesa -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org