On 06/01/2015 05:07 AM, Nico Kadel-Garcia wrote:
> On Mon, Jun 1, 2015 at 1:06 AM, ToddAndMargo <[log in to unmask]> wrote:
>> Hi All,
>>
>> Thought you guys might like this note I wrote myself on
>> how to autologin. Hopefully it will keep others from
>> tearing their out.
>>
>> -T
>
> If I thought it were a good idea, I'd be more supportive. There are
> uses, such as for VM's or PXE rebuilt classroom hosts or kiosk
> environments that are designed to have only one throw-away user on
> them and flush them after every login. And I admit it can be handy on
> a personal laptop that no one else is allowed to touch.
>
> But many browsers and mail clients keep copies of personal credentials
> in an unlocked local configuration file, which is made accessible
> without *any* additional authentication by this approach. And many
> people, to this day and age, are *horrible* aobut protecting their
> private SSH keys or stored Subversion passwords in $HOME, and equally
> bad about using different passwords for different types of internal
> and external accounts.
>
> With autologin enabled, all someone has to do is crash your machine or
> power cycle it to gain access to any private information in $HOME/.
> There are additional layers of protection you can try to provide, but
> it can get burdensome quite quickly. So think very carefully before
> activating autologin.
>
Hi Nico,
You are absolutely correct. What you are missing is that
sometimes you are in a low security situation. For instance,
Live CD's, my Flash Drive with direct FC22 (I call it my Dead
Stick) installed on it. Also, when I have encrypted the hard
drive.
And, remember, if you don't encrypt your hard drive, your
root and user accounts' password are meaningless. I can
walk right up to it, boot off a Live CD/USB or my Dead Stick,
and have at EVERYTHING on your hard drive. I can even remove
your root and user passwords.
-T
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Computers are like air conditioners.
They malfunction when you open windows
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|