[Bug 1154663] New: install pam_kwallet by default for KDE (and default to blowfish)
http://bugzilla.opensuse.org/show_bug.cgi?id=1154663

Bug ID: 1154663
Summary: install pam_kwallet by default for KDE (and default to blowfish)
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 15.2
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: KDE Workspace (Plasma)
Assignee: opensuse-kde-bugs@opensuse.org
Reporter: kolAflash@kolAhilft.de
QA Contact: qa-bugs@suse.de
Found By: ---
Blocker: ---

Please install the pam_kwallet package by default, if KDE is being installed.

pam_kwallet is a huge step ahead in safety and usability. For example everyone using openSUSE on a notebook will probably store the wifi passwords safely in kwallet. But entering the user password twice on login is just senseless. (actually KWallet might not just be used for wifi, but for a lot more like ssh passphrases)

Additionally the choice to use blowfish or GPG shouldn't be displayed anymore (at least not for the default wallet being created automatically). Because most users won't know what that choice is about.

And I suggest to simply default to blowfish. At least that's what the native KDE distro "Neon" does. https://neon.kde.org

Configuring GPG is also a little more work and maybe not something every KDE user wants to do. So by default there should be simply a KWallet being created with blowfish and made accessible via pam_kwallet. I think that's by far the best choice for increasing security and usability.

P.S. I hoped to find an rpm package which is installed by default and adds GPG support. So I could simply remove this on users' machines to get rid of that choice. But it looks like it's all in the default KWallet rpm packages.

--
You are receiving this mail because:
You are on the CC list for the bug.
Moritz Duge
http://bugzilla.opensuse.org/show_bug.cgi?id=1154663#c1
Neil Rickert
http://bugzilla.opensuse.org/show_bug.cgi?id=1154663#c2
--- Comment #2 from kolA flash
> I am opposed to this.
> The problem is that pam_kwallet does not work if "lightdm" is used as the display-manager.

Does it cause any problems or is it just not working with LightDM? SDDM is the default for KDE on openSUSE, so pam_kwallet is working with the default.
http://bugzilla.opensuse.org/show_bug.cgi?id=1154663#c3
--- Comment #3 from Luca Beltrame
http://bugzilla.opensuse.org/show_bug.cgi?id=1154663#c4
Luca Beltrame
> pam_kwallet is a huge step ahead in safety and usability. For example everyone using openSUSE on a notebook will probably store the wifi passwords safely in kwallet. But entering the user password twice on login is just senseless. (actually KWallet might not just be used for wifi, but for a lot more like ssh
http://bugzilla.opensuse.org/show_bug.cgi?id=1154663#c5
Fabian Vogt
> And I suggest to simply default to blowfish. At least that's what the native KDE distro "Neon" does. https://neon.kde.org

The distro which installed and enabled pam_kwallet by default before looking at the code, which was so bad it allowed everyone to become root? Not a great example...

> Configuring GPG is also a little more work and maybe not something every KDE user wants to do. So by default there should be simply a KWallet being created with blowfish and made accessible via pam_kwallet. I think that's by far the best choice for increasing security and usability.

I agree that making blowfish the default option is worth considering, but not hiding the choice altogether. This choice needs to be made upstream by KWallet devs though, not here in openSUSE.

pam_kwallet should not be installed by default, as using it means that the wallet has to be unlocked permanently after login, exposing all contents over DBus, even after locking the screen, suspend, etc.
http://bugzilla.opensuse.org/show_bug.cgi?id=1154663#c6
--- Comment #6 from kolA flash
> > pam_kwallet is a huge step ahead in safety and usability. For example everyone using openSUSE on a notebook will probably store the wifi passwords safely in kwallet. But entering the user password twice on login is just senseless. (actually KWallet might not just be used for wifi, but for a lot more like ssh passphrases)
> That's the usability aspect, but not the safety one.

Actually alternatively people may store passwords in plaintext. And so it becomes a security aspect.

> > And I suggest to simply default to blowfish. At least that's what the native KDE distro "Neon" does. https://neon.kde.org
> The distro which installed and enabled pam_kwallet by default before looking at the code, which was so bad it allowed everyone to become root? Not a great example...

Point taken.

> > Configuring GPG is also a little more work and maybe not something every KDE user wants to do. So by default there should be simply a KWallet being created with blowfish and made accessible via pam_kwallet. I think that's by far the best choice for increasing security and usability.
> I agree that making blowfish the default option is worth considering, but not hiding the choice altogether. This choice needs to be made upstream by KWallet devs though, not here in openSUSE.

Just created a ticket: https://bugs.kde.org/show_bug.cgi?id=413314

> pam_kwallet should not be installed by default, as using it means that the wallet has to be unlocked permanently after login, exposing all contents over DBus, even after locking the screen, suspend, etc.

That's a point. But the resulting user experience - especially regarding using encrypted wifi's - is really bad. Any other ideas how to solve this!?
http://bugzilla.opensuse.org/show_bug.cgi?id=1154663#c7
--- Comment #7 from Neil Rickert
> Actually alternatively people may store passwords in plaintext. And so it becomes a security aspect.

I set WiFi passwords to be stored in plaintext and available to all users. But they are stored in a file readable only by root, so I do not see this as a serious security issue. I prefer this, because NetworkManager can then connect before login, and this works better (at least in my experience).
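
The thread contrasts Wi-Fi secrets kept in a root-only NetworkManager profile with secrets held in a user wallet. As an added example (not part of the thread and not code from NetworkManager or KWallet), this script reports for a keyfile profile where the PSK is stored and whether non-root users can read the file; the profile names and contents are constructed, and `audit_profile` and `demo` are hypothetical helper names.

```python
import configparser
import os
import stat
import tempfile

# NetworkManager secret flags for psk-flags (see nm-settings):
# 0 = stored in the profile, 1 = held by a per-user agent such as KWallet,
# 2 = never saved, 4 = not required.
FLAGS = {0: "system (plaintext in profile)", 1: "agent-owned (user wallet)",
         2: "not saved", 4: "not required"}


def audit_profile(path):
    """Report where a Wi-Fi PSK is kept and who can read the keyfile."""
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read(path)
    sec = cp["wifi-security"] if cp.has_section("wifi-security") else {}
    flags = int(sec.get("psk-flags", "0"))
    return {
        "psk_in_file": "psk" in sec,
        "storage": FLAGS.get(flags, f"flags={flags}"),
        "mode": oct(mode),
        # Any group/other permission bit exposes a stored PSK to non-root users.
        "readable_by_others": bool(mode & 0o077),
        "root_owned": st.st_uid == 0,
    }


def demo():
    """Audit two constructed profiles written to a temporary directory."""
    samples = {  # constructed sample data, not taken from the thread
        "home.nmconnection": (
            "[wifi-security]\nkey-mgmt=wpa-psk\npsk=constructed-example\n", 0o600),
        "cafe.nmconnection": (
            "[wifi-security]\nkey-mgmt=wpa-psk\npsk-flags=1\n", 0o644),
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, (body, mode) in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "w") as fh:
                fh.write(body)
            os.chmod(path, mode)
            results[name] = audit_profile(path)
    return results
```

On a real system, run `audit_profile` as root over the files in `/etc/NetworkManager/system-connections/`.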