A plea about passwords

[WinterTroubles]

Sure linux systems have aspects to them that are less user friendly than windows, but, they also have aspects to them that are more user friendly than windows.. personally I prefer my linux box to my old windows one, but, I also think that on average it probably balances out.. Yes, you need a password and to remember it, but, once your box is up and running the average user never needs to search the internet for software again or cross their fingers that it doesn't contain malware.

[Neil Edmond]

@Spacedog...I think what you are looking for is Puppy Linux. It is designed to be extremely user friendly, to a fault, in that the normal user always has root privilges. Most Linux users consider that to be irresponsible and dangerous, but looks like that is exactly what you are after.

[Spacedog]

Thanks Neil, never heard of Puppy Linux but I think you may be spot on there. I will give it a go.

[austin.texas]

You can eliminate sudo and gksudo password requests like this.
Open a terminal and enter the command -
gksudo gedit

Enter this one line in the text file -
(edit for username)
username ALL=(ALL) NOPASSWD: ALL

Save the text file in /etc/sudoers.d/ with name casper

You will get no password requests when running sudo or gksudo. You will however get a password request when running -pkexec commands, such as the synaptic-pkexec command in the menu. But you can edit that and change it to gksudo synaptic - then it works with no password.

[AlanWalker]

Speaking seriously for a moment, I think you may be under the impression that if a customer forgot their password then you, as a repair provider, would be locked out. This simply isn't true unless they have an encrypted hard drive, using a 'live' version from a disc or USB you would still be able to access the root file system an effect the repair.

No that isn't it. My concern is customers being asked for a password when they wanted to try something new, like trying to install a software package on their own.

I imagine your customers are pretty pissed about having to use keys to get into their houses and cars - have to remember where the keys are? What what a drag! Have to use them every blinking time they wanted lock or unlock a door? Bummer - and think about it: they could loose those keys, THEN where would they be?

Nope, they'd rather do without having to use keys.

Or, maybe not; come to think of it they probably know how to use keys, and are happy to have them.

Granny, or your customers, aren't going to be doing things requiring root access more than occasionally, so setup granny's Mint system with a logid of "granny" and a password of "granny123" at Mint install time; that way she'll have to enter her password (the default root password) every time she logs on to her system. Doing so will help her remember her root's password at those occasional times she wants to do root things.

Regards,

[JSeymour]

@Spacedog...I think what you are looking for is Puppy Linux. It is designed to be extremely user friendly, to a fault, in that the normal user always has root privilges. Most Linux users consider that to be irresponsible and dangerous, ...

Perhaps because that's just what it is.

Users having Administrator rights, by default, is one of the biggest reasons MS-Win is so-widely, and so successfully compromised. Even Win7, which makes a half-baked attempt to solve the problem with UAC--which users can, and do, turn completely down so it no longer provides protection.

Jim

[Previous1]

For the record, Puppy has a limited account, "spot", to run high-profile applications under (like browsers). In that regard it's similar to DropMyRights under XP, or "modify settings" UAC in 7. Not saying this is the way to go, just saying.

http://www.puppylinux.com/technical/root.htm

Another trick to use in "regular" distros is a dropdown terminal (like guake) that's logged in as root (sudo -i), and learn the most common commands. Better to use a separate TTY, obviously, but that's probably too much for most users.

You can also fine-tune PolicyKit rules to not ask for a password. Mint for example does so when adding a printer, configuring the network, mounting a device, or shutting down the computer.

edit: you can also set a blank password if you've made sure all remote logins are disabled.

Code: Select all

sudo passwd -d <user>

[OnlyMe]

I think you may be short selling Granny. I happen to be one and quite a few of the women using linux that I see/meet on various forums are also in that category. A ton of the men are also in a similar category. Pick an OS known to be user friendly, such as Mint, let her pick a password of her choosing and then let her loose! She might surprise you. My sister did.

[arunarmstrong]

set the password as 1234 and set it to auto login.

[Spacedog]

You can eliminate sudo and gksudo password requests like this.
Open a terminal and enter the command -
gksudo gedit

Enter this one line in the text file -
(edit for username)
username ALL=(ALL) NOPASSWD: ALL

Save the text file in /etc/sudoers.d/ with name casper

You will get no password requests when running sudo or gksudo. You will however get a password request when running -pkexec commands, such as the synaptic-pkexec command in the menu. But you can edit that and change it to gksudo synaptic - then it works with no password.

I'm afraid I got lost like a true newbie following this.

gksudo gedit in a terminal does nothing but go to the next line, there is no editor to save the next bit in? Does username refer to the user in question's username or the word username?

I think people here seem to forget what everyday people are like, they are not interested in anything but using the device for it's intended purpose. Asking for passwords all the time gives them no insight into what they are doing, and often ends up confusing things further.

I guess the philosophical issue I have is the user already has a password for things like email and cloud, this should be enough in a well designed system. Accessing software through a well designed manager should also be part of normal usage and not require a password. Make these things easily customizable options and I think the appeal of linux to normal everyday people will go up greatly.

[Lingula]

I work in a couple of large corporations with thousands of Windows users. One is a locked-down Windows environment. When they need new software, they call tech support. Maintenance is done without user input. The other is a completely virtualized Windows environment. Again, no system admin passwords because users don't have the privileges. No viruses, no crashes, and work gets done without any fuss.

I have an elderly relative with a locked-down Windows install. When she has a problem, we remotely log in to fix it.

Some of the Windows installations with the best stability and easiest maintenance are the ones with similar barriers and controls to Linux, though IMHO not implemented as well as in Linux. For example, creating a user without admin (sudo) privileges is trivially easy. I do so at home for kids and wife's password-free logins. It's only a matter of "su - myusername" to do admin tasks.

If a person cannot understand or remember how to appropriately use passwords and do admin tasks, then they shouldn't have admin access. That includes software installation.

I also agree with a previous poster who said that one shouldn't sell computer service without understanding the OS they are trying to administer. It's the blind leading the blind.

[Spacedog]

The point I am trying to make it is may not be the user who is trying to do some admin task, it may be their son, daughter, or a friend.

When I fix a computer I do so with the philosophy that they should under no circumstances have to contact me again about it. People appreciate this and so do I, I hate callbacks. Needing a password to me makes the phone call asking what the password is almost inevitable.

[austin.texas]

I'm afraid I got lost like a true newbie following this.
gksudo gedit in a terminal does nothing but go to the next line, there is no editor to save the next bit in? Does username refer to the user in question's username or the word username?

The only thing I would want to add is that I am not going to do that to my system because I appreciate the extra security that linux provides, and I would not recommend that anyone else actually do that, either, particularly a beginner.

Create a non-administrative user and auto-login that user. If anyone needs to manage the system they can log in as the admin user.

[Previous1]

On a more general note, I've found this article very useful:

http://www.admin-magazine.com/Articles/ ... -PolicyKit

[wanderer7]

I guess the philosophical issue I have is the user already has a password for things like email and cloud, this should be enough in a well designed system.

The point I am trying to make it is may not be the user who is trying to do some admin task, it may be their son, daughter, or a friend.

I guess I'll never convince you that it's OK to have more than 2 passwords and that it's not normal when anyone can do admin tasks in your computer.

Anyway, I understand that you (or the users you're working with) might not like passwords, that's fine. There are windows users, who have only one - administrator account, without a password, click "yes" on all pop-up windows, have UAC disabled because "it's annoying", don't have antivirus as it "slows down the pc", don't make updates because "it requires restarts", they use the same password for all their online accounts and the password is either "password" or "12345678". And that's fine.

But you posted this in the "Ideas" section of the forum, so I have to reply - I don't like the idea of passwordless GNU/Linux. This is absolutely unacceptable for me. GNU/Linux has its own niche. Maybe it's not easy to use, but it's secure. If Mint ever tries to mimic windows and copy microsoft's philosophy, it will be the end for this distro.
It's like an antarctic penguin trying to act like an african spoonbill. There are other OS-es that excel at carelessness, it's not what GNU/Linux should be like.

[Distro-Don]

I guess the philosophical issue I have is the user already has a password for things like email and cloud, this should be enough in a well designed system.

The point I am trying to make it is may not be the user who is trying to do some admin task, it may be their son, daughter, or a friend.

I guess I'll never convince you that it's OK to have more than 2 passwords and that it's not normal when anyone can do admin tasks in your computer.

Anyway, I understand that you (or the users you're working with) might not like passwords, that's fine. There are windows users, who have only one - administrator account, without a password, click "yes" on all pop-up windows, have UAC disabled because "it's annoying", don't have antivirus as it "slows down the pc", don't make updates because "it requires restarts", they use the same password for all their online accounts and the password is either "password" or "12345678". And that's fine.

But you posted this in the "Ideas" section of the forum, so I have to reply - I don't like the idea of passwordless GNU/Linux. This is absolutely unacceptable for me. GNU/Linux has its own niche. Maybe it's not easy to use, but it's secure. If Mint ever tries to mimic windows and copy microsoft's philosophy, it will be the end for this distro.
It's like an antarctic penguin trying to act like an african spoonbill. There are other OS-es that excel at carelessness, it's not what GNU/Linux should be like.

Only an idiot, or a Microsoft troll, would want anyone to be able to preform admin functions without a SECURE PASSWORD.

[Previous1]

A password isn't so secure when typed too often. One simple reason is you stop paying attention.

BTW: KeePass is an invaluable tool if you don't like having too many passwords. Especially if you have close to a hundred like me, lol.

[Spacedog]

The password is always, and I mean always, going to be 1234. How is that more secure? It may as well not be there.

So what if Granny can go tinkering with the innards, if the system is properly set up to do what she wants in the first place she won't ever be interested in doing that.

[Distro-Don]

A password isn't so secure when typed too often. One simple reason is you stop paying attention.

BTW: KeePass is an invaluable tool if you don't like having too many passwords. Especially if you have close to a hundred like me, lol.

That is why the password should be changed every now and then.

[Distro-Don]

The password is always, and I mean always, going to be 1234. How is that more secure? It may as well not be there.

So what if Granny can go tinkering with the innards, if the system is properly set up to do what she wants in the first place she won't ever be interested in doing that.

Are you saying that just because some people want to install things in a very insecure way that all of us should not have a secure password? That sounds like a very dumb argument, or Microsft trolling to me. It sounds to me like you would probably be happier installing Windows on their machines, so why don't you do that?