password-free ubuntu login with facebrowser

December 18, 2008

1 minute read

If you trust everyone who has physical access to a pc (if not then you are encrypting your files, right?) then there seems little point in having to type a password just because more than one user uses the pc.

So here’s how to log in from the gdm “face browser” with a single click. Instructions tested with Ubuntu 8.04 Hardy Heron and 8.10 Intrepid Ibex.

As root, create a new file containing the usernames of all the users you want be able to log in through gdm without entering a password:

sudo -i
echo 'username' >> /etc/gdm/nopassusers

now still as root modify the pam settings for gdm to check this file and allow this user in based on being in the list:

vi /etc/pam.d/gdm

and modify to contain the new listfile item

#%PAM-1.0
auth requisite pam_nologin.so
auth required pam_env.so readenv=1
auth required pam_env.so readenv=1 envfile=/etc/default/locale
**auth sufficient pam_listfile.so item=user sense=allow file=/etc/gdm/nopassusers onerr=fail** #add this line
@include common-auth
auth optional pam_gnome_keyring.so
@include common-account
session required pam_limits.so
@include common-session
session optional pam_gnome_keyring.so auto_start
@include common-password

now simply restart gdm (or the whole machine) and try your new one-click login

/etc/init.d/gdm restart

Notes

This means the keyring isn’t unlocked, so you may have to type in your password anyway before your wireless connects.

References


Share as Tweet || Share on LinkedIn
Post source code on GitHub - suggestions & PRs welcome!
Subscribe for updates on software development, contracting, side projects, blog posts and who knows what else. Read the archives for an idea of content.

Mailing list powered by the excellent buttondown.email.