On Sat, 2022-03-26 at 19:14 -0700, Keith Lofstrom wrote: > On Thu, 2022-03-24 at 20:22 -0700, Keith Lofstrom wrote: > > The text login approach also seems more secure. I can > > imagine The Bad Guys creating a web page that looks just > > like the generic mate-ubuntu login screen. If I type my > > password into that, I'm /powned/. > > On Fri, Mar 25, 2022 at 08:45:24PM -0400, TomasK wrote: > > This maybe not concern of yours - but - the login screen does more than > > starting DE and logging you on. > > > > The first thing you may notice - your wallet/key-ring is not unlocked > > at login. > > I presume "DE" = Desktop Environment. > > I am transitioning from older Redhat-derived distros to > Mate-Ubuntu. I haven't yet encountered a wallet/key-ring > for the mate-terminal and mostly-text tools that I use, > but I can be clueless about such things. > > > Please suggest documents or web-pages describing why a > shared wallet or key-ring is necessary, and more secure > than other password management means. I've heard those > buzzwords, but there is nothing about them in my current > working references: > > Debian Administrator's Handbook > Ubuntu Linux Bible > Mastering Ubuntu Server > > If I must learn this stuff eventually, I should do so > before I get too old to learn. But if I can accomplish > wallet/key-ring with text-based tools, I vastly prefer > that to a GUI with a meaningless splash screen. > >
I hope that I am not needlessly repeating something already said in this email list. This maybe useful as start point: https://itsfoss.com/ubuntu-keyring/ I honestly do not know much about Mate - and if the keyring management is similar to Ubuntu - beyond that Mate may be Ubuntu derived distro. Many applications store credentials in the key-ring rather than using their own home-brew solution for security and reuse. It does not work like Ben's suggest - unlocking the key-ring requires password string to decrypt its data - so being root or bypassing the OS loging does not give out plain text credentials stored. It can be pretty annoying to be constantly asked to unlock the key-ring by web browser, email client, calendar, nextcloud-client, etc, etc. if it is not unlocked correctly. You will know whether you need to deal with the key-ring or not based on it it nags you or not. Disclaimer: I highly suspect that my head refuses to remember anything about Mate/otherFashionDerivativesOfDistros because I do not really care about DEs in general ==> do not waste time trying to educate me, it would be waste of time. All I have ever want from DE is drive my screen and stay out of my way using other SW (mostly terminal or text editor (I do not grok emacs for the same reason - life is too short)). So, I use whatever is the distro default. Ben's .... comments do not really make sense to me - if he does not care - why fight it and burn ego/calories about it. I throw these comments into the same bag with political/religious/I-know-better zealots, warlords, despots, machos, nachos, systemd/zfs lovers/haters and other type of other people/stuff haters. Hope that helps, Tomas
