GNOME Bugzilla – Bug 414862
Allowing passwordless connections
Last modified: 2009-06-30 20:02:50 UTC
I was thinking of a very useful feature for home computers or kiosks: the ability to skip the password check. I mean: just as autologin allows connecting without typing the password, this new feature would allow specified users to simply enter their username to log in. This could be achieved by adding to the config tool a tab to select users that want to be connected without typing their password. This way, users still have a password, which is used with gksudo, ssh connections and others, so security is preserved, but the home use is really nicer. KDM already has such a feature: http://docs.kde.org/development/en/kdebase/kdm/configuring-kdm.html#kdmconfig-convenience Discussing on the ubuntu-devel-discuss mailing list, two concerns were noticed: this should be easy to set (since base users will need it), but the user should be warned about security issues if his computer is not in a safe place. Also, pam-keyring will not be able to unlock the keyring at login, so maybe some problems have to be addressed here. IMHO, this feature is needed in the near future, since home users don't care about what their family can do on their session. This is a main user-friendly issue today. Thanks for all
I agree. This would definitely be a very useful and time-saving feature.
*** Bug 347586 has been marked as a duplicate of this bug. ***
Oops. I marked bug 347586 as a duplicate, but it isn't really, so I re-opened that bug. However, it is a related bug, so whoever works on this issue might consider addressing both together?
Btw, does the current gdm allow login for users without a password (who have no characters between first : in /etc/shadow) or doesn't it? The Gnome about-me applet from control-center just freezes in such a case, look at bug #336872 :(
You can connect without a password, but you have to tweak /etc/pam.d, adding nullok in some places. This is not really secure, even considering that ssh refuses empty passwords. I never managed to get GDM to work with the nullok_secure option (/etc/securetty). Talking of Ubuntu Dapper & Edgy, at least.
This feature is pretty important for me so I just wanted to be on the CC list. In my case, I have a lot of friends using my computer and I want them to be able to more or less double click "guest" and be greeted by the desktop. Right now, they're mostly confused and wonder why they need a password for the guest account. I've actually been thinking about using KDM + gnome for this feature alone :-) Thanks for looking into it!
In Fedora, you can just do passwd -d username and then don't need to enter a password to login for that user. Other distros may have different security policies in place.
(In reply to comment #7)
> In Fedora, you can just do
>
> passwd -d username
>
> and then don't need to enter a password to login for that user. Other distros
> may have different security policies in place.

In Ubuntu 7.10, at least, that doesn't work for GDM. It does work for normal login at the command line, but not GDM. Deleting the user's password actually makes it impossible to login through GDM.
Does Ubuntu use pam-gnome-keyring? If so, that may be why. See bug 514862.
Hi, I've done some searching and I think it is not possible at this moment to configure a passless login for some user(s) in GDM. I'd like to comment that such a feature would be appreciated in some cases. Thank you, DiegoV
Hi Diego, It is possible. Run "passwd -d username" as root to allow a password-less login. If it doesn't work, you may be getting hit by bug 514862.
As I said above, passwd -d is a security issue since the user has no password at all. This doesn't allow protecting the account in order to use ssh remote access, or to grant admin rights. These cases are common today: home users may want to log in without a password but still be protected by passwords for advanced operations. This would avoid a security hole - and this should be the standard way, KDM already supports this.
This should be implemented in gnome-system-tools: it would be much easier and more logical. See http://mail.gnome.org/archives/system-tools-list/2008-May/msg00000.html
Created attachment 112335: Proof-of-concept patch
This patch should roughly allow enabling password-less login on a per-user basis (with a checkbox making the user a member of the "passwordless" group). Some work is still needed on /etc/pam.d/[gdm,gnome-screensaver].

Note that the mechanisms for specifying whether a user can login in a passwordless manner are not consistent across platforms. In other words, it is a little risky to make assumptions about how PAM is set up on a given machine, or that the /etc/pam.d interface will be respected on any given platform, or that PAM, GDM, or gnome-screensaver are even being used. Since systems can vary widely, and can be configured in very different ways, it might be best to leave PAM configuration to PAM, and not try to integrate it into the desktop. If you insist on having this sort of feature in the desktop, it would be better if the code did some work to make sure that the system will honor the interface before exposing it to the user. Having a non-functional choice in a dialog is not ideal. I recommend that any patch trying to solve this problem be tested on a wide array of platforms before it goes upstream. If this patch goes upstream, I anticipate it will evolve into a nest of #ifdef's to support different setups and platforms. Not necessarily a problem, but just so you know what you are getting into.
You're right. I planned to manage this issue with a system-wide GConf key that distributors would enable if they know they support this feature. Else, it will be disabled/hidden. This is what the code does, but I'm no GConf guru, and I need help with mandatory (system-wide) settings and how to install them. Does this sound reasonable to you?
That seems reasonable to me. Might also be good to ping various distros and let them know to test this code out & work to get support added if needed for their platform.
Sure. This is the second step. But for now we need a gnome-system-tools developer that can review the patch and eventually commit it. ;-)
I am looking for this feature, too.
Created attachment 137468: Don-t-consider-all-groups-as-privileges.patch
Preliminary patch to make second patch work.

Created attachment 137469: Add-an-option-to-skip-password-check-on-login.patch
Actual patch against gnome-system-tools that creates a checkbox adding the user to the 'nopasswdlogin' group.

Created attachment 137470: Change-default-PAM-policy-to-allow-password-less-login.patch
Patch against GDM default PAM configuration file that allows the previous patches to come into effect. Distributions still need to create the 'nopasswdlogin' group to enable the checkbox in users-admin, since they are likely to need an update to their PAM policy files.

Created attachment 137488: Change-documentation-and-default-PAM-policy-to-allow-password-less-login
New patch for GDM that also updates the documentation.
I've just committed the needed changes to gnome-system-tools, which makes it possible for distributions to enable password-less logins if they create the 'nopasswdlogin' group. We still need to see what should be changed in GDM to make this feature easy to enable and document it.

commit f2755126f69b4ede558ec16d00e19a8c80414bf7
Author: Milan Bouchet-Valat <nalimilan@club.fr>
Date: Sat Jun 27 20:59:46 2009 +0200

    Add an option to skip password check on login

    This adds a checkbox that allows adding the user to the 'nopasswdcheck' group. Distributions and admins should enable it by creating that group if they have configured PAM to make it work with GDM.

    http://bugzilla.gnome.org/show_bug.cgi?id=414862

commit 10f02635e9096f5b874d0a160110220c71bc0d44
Author: Milan Bouchet-Valat <nalimilan@club.fr>
Date: Sat Jun 27 20:59:03 2009 +0200

    Don't consider all groups as privileges

    Only update membership for groups that actually match a privilege. The current code was resetting user's membership for all groups on the system. This fix will be used by an upcoming patch implementing a password-less login option.
okay, commit the GDM bits, too, I guess.
Pushed. Thanks for your feedback! I'll consider later whether/how we could integrate autologin with that feature.
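
An added example, not code from this thread, gnome-system-tools or GDM: a small shell audit that separates the two routes discussed above, an empty password field (the `passwd -d` state) versus membership in the `nopasswdlogin` group, and lists PAM `auth` lines that relax the password check. The sample files, the `pam-gdm` file name and the `pam_succeed_if.so ... ingroup nopasswdlogin` rule are constructed assumptions; the thread does not show the PAM patch itself.

```shell
#!/bin/sh
# Added example: audit which accounts can log in without typing a password.

# Users with an empty password field (the state "passwd -d" leaves behind).
empty_password_users() {
    awk -F: '$2 == "" { print $1 }' "$1"
}

# Members of group $2 listed in group-format file $1, one per line.
group_members() {
    awk -F: -v g="$2" '$1 == g && $4 != "" {
        n = split($4, m, ","); for (i = 1; i <= n; i++) print m[i] }' "$1"
}

# Succeeds only if group $2 exists in $1 (the signal that the feature is enabled).
group_exists() {
    awk -F: -v g="$2" '$1 == g { found = 1 } END { exit !found }' "$1"
}

# Active (uncommented) PAM auth lines that relax the password check.
# The "ingroup nopasswdlogin" wiring is an assumption, not the thread's patch.
pam_passwordless_rules() {
    awk '$1 == "auth" && (/nullok/ || /ingroup[ \t]+nopasswdlogin/)' "$1"
}

# Constructed sample files; hashes are placeholders, not real ones.
write_samples() {
    printf '%s\n' 'alice:$6$placeholder$placeholder:14000:0:99999:7:::' \
        'guest::14000:0:99999:7:::' \
        'kid:$6$placeholder$placeholder:14000:0:99999:7:::' > "$1/shadow"
    printf '%s\n' 'users:x:100:alice,kid,guest' \
        'nopasswdlogin:x:1001:kid' > "$1/group"
    printf '%s\n' '# auth required pam_unix.so nullok' \
        'auth sufficient pam_succeed_if.so user ingroup nopasswdlogin' \
        'auth required pam_unix.so nullok_secure' \
        'account required pam_unix.so' > "$1/pam-gdm"
}

# One line per account, naming the route that lets it skip the password.
report() {
    for u in $(empty_password_users "$1/shadow"); do
        echo "$u: empty password field, account has no password at all"
    done
    for u in $(group_members "$1/group" nopasswdlogin); do
        echo "$u: member of nopasswdlogin, password still set"
    done
}

d=$(mktemp -d) && write_samples "$d" && report "$d" && rm -rf "$d"
```

On a real system the same functions can be pointed, as root, at `/etc/shadow`, `/etc/group` and the display manager's file under `/etc/pam.d`.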