I experience this problem in Intrepid. To reproduce: 1. assume you've got a fully installed Ubuntu Intrepid 2. set up your wireless internet to connect to your encrypted access point 3. make sure your login keyring (or default keyring) has a password, and set it to unlock automatically on login 4. set your user up to autologin 5. REBOOT your machine 6. just after you're autologged in, you'll be asked for a password to unlock the default keyring
AFAICT, the reason it happens is: Gnome's keyring auto-unlocker uses your login password to unlock the default keyring (if the passwords match). So when you login with a password, everything works fine. However, when you autologin, you don't type your password, so the auto- unlocker isn't able to use it to unlock the keyring. It's not immediately obvious how to solve this securely. But I don't think we should ignore this or treat it as a feature, because a) anyone who sets up to autologin obviously doesn't want to type in a password, so it defeats the purpose of autologin, b) it encourages people to set up their default keyring with an empty password, which is insecure. (This is what I've done!) Tchalvak, I disagree that wireless passwords are a security non-issue. I think they are an issue -- if people get access to my wireless access point, then they can steal all my bandwidth. They may even be able to sniff my traffic, I'm not sure. However, you're right: the convenience of automatically connecting to a network outweighs the security issues for most people. -- libpam-keyring broken on autologins https://bugs.launchpad.net/bugs/137247 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm in ubuntu. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
