Wifi auto-connection asks for keyring password
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
One Hundred Papercuts |
Won't Fix
|
Undecided
|
Unassigned | ||
network-manager-applet (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
When the computer boots, it asks for the keyring password in order to automatically connect to a wifi network. This way, it is really dificult to set the system to autologin and automatically connect to the wifi network, start an internet application (mostly p2p, could be any server) and have it running.
It would be nice to be able to connect to a wifi network without this prompt. Maybe the solution is to chose not to ask this specific question ever again (yes, windows-style), or to store some user-specified passwords in a publicly accesible keyring.
I think this behaviour could be related to bug #137247 (libpam-keyring broken on autologins):
https:/
tags: |
added: network removed: networking |
description: | updated |
summary: |
- wifi connection asks for keyring password + Wifi auto-connection asks for keyring password |
description: | updated |
Changed in hundredpapercuts: | |
status: | New → Triaged |
Changed in ayatana: | |
status: | New → Invalid |
tags: | added: ayatana |
affects: | dead-ayatana → hundredpapercuts |
FWIW, this is not a papercut, but requires some careful planning and upstream work. This doesn't happen if you log in through gdm normally, since then the keyring will be unlocked with your passphrase. If you use autologin, there are just two options:
- asking for your passphrase to unlock the keyring
- storing all your passwords unencrypted on your hard disk
I don't particularly like the second option, since the keyring also stores email/ICQ/etc. passwords, all your web passwords if you use epiphany, ssh passphrases, etc. We shouldn't just silently keep an unencrypted keyring and hide the potential vulnerability of this to the user.
What we could theoretically do is to not use gnome-keyring in network- manager- applet if it is locked, and instead store the plaintext WPA/WEP passphrase in network-manager itself. I'm less concerned about Wifi passwords than for SSH/web/email passwords; we need to treat those with care!