On 20/10/14 03:40, pe...@easthope.ca wrote: > In wheezy, is there a routine means of allowing "login" on > the machine itself without a password,
Do you mean using fingerprints as local authentication?? > while keeping traditional > password authentication for any remote login. Do you mean passphrase authenticated remote logins? > From a superficial > understanding of PAM, I'd guess that it can provide this capability. > > Thanks, ... Peter E. > > > > > It depends on your definition of "secure". It's confusing in the context that you use it. Could you expand on that please (do you have a published standard you need to meet)?? By the definition of secure I'm familiar with - remote password authenticated access is forbidden, so is local autologin, and unencrypted drives. With single-user boxes (netbooks) LUKS is used as login authentication - with auto user login. Remote login requires passphrases (and enforces all domain ssh encryption). Remote boot 'would' be possible (ssh server in initramfs) - but "secure" but might be problematic without further explanation of the local authentication method you will be deploying and standard of "secure". Kind regards -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54441959.3040...@gmail.com