On Wed, 2006-09-13 at 20:06 +0200, Chipzz wrote: > On Wed, 13 Sep 2006, Wouter Bolsterlee wrote: > > > På Tue, Sep 12, 2006 at 02:12:57PM +0200, Chipzz skrev: > >> Yes, and it is an very stupid idea to use it. Reading those entries, it > >> would appear you are just being lazy and care little about security. > > > > What's wrong/insecure with unlocking your WLAN key on login? > > http://uwstopia.nl/blog/2006/08/password-hell-gdm-ssh-gnome-keyring > > "Make sure you use the same password to unlock your ssh keys as you use > to login to your machine." > > And: > > http://www.hekanetworks.com/index.php/publisher/articleview/frmArticleID/25/staticId/31/ > > "auth optional pam_keyring.so try_first_pass" > > You need to make your keyring passphrase to same as your login password. > This is exactly what gnome keyring tries to avoid: using the same > password for everything. Effectively, you're using one password (and > what's worse: encouraging people that probably don't know any better to > do the same) for different things that are intended to have different > passwords/passphrases. > > >> I don't see the point in saving yourself a few keystrokes, especially > >> since you only have to type your ssh passphrases once (at the beginning > >> of your session), and your gnome keyring passphrase also only once. I > >> would advise strongly against using it. > > > > So, adding Evolution to the list, your recommendation is that I type 6 > > (bios/boot, gdm login, ssh, gpg, wlan, email) passwords each time I boot my > > computer (which is several times a day when I'm on the road). > > It's really ironic that you go through all the trouble to set up that > many different passwords, when every password is the same? How does that > improve security? > Ssh passphrases were intended as an extra barrier. And for a good reason > too. If you do not like that barrier, then why do you use it in the first > place? > But what you're arguing sounds a lot like: I don't want any passwords, > lets do away with them all together. > > And you do know about suspend, right? > > > Thanks for your helpful advice. I'll make sure I'll type 6 passphrases to > > get my computer to work. It will greatly improve my computer experience and > > my feeling of security. Thanks, again. > > > > mvrgr, Wouter > > If you want to shoot yourself in the foot, then by all means do so. But > please do not encourage other people to do the same. > > kr, > > Chipzz AKA > Jan Van Buggenhout > --
Some more outside reading for those interested. Just showed up on the front page of http://digg.com http://www.paymentsnews.com/2006/09/volume_of_busin.html Jon _______________________________________________ desktop-devel-list mailing list desktop-devel-list@gnome.org http://mail.gnome.org/mailman/listinfo/desktop-devel-list