Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Ubuntu Is Storing Wi-Fi-Passwords in Clear Text By Default

  1. #1
    Join Date
    Jan 2011
    Beans
    107
    Distro
    Ubuntu

    Ubuntu Is Storing Wi-Fi-Passwords in Clear Text By Default

    Hi,
    Today I came across this:

    http://news.softpedia.com/news/Ubunt...t-412056.shtml

    Anyone have an Idea how to change this beavior and still let the other users to acces the pass?
    Regards
    Miguel

  2. #2
    Join Date
    Jul 2013
    Location
    Wisconsin
    Beans
    4,232

    Re: Ubuntu Is Storing Wi-Fi-Passwords in Clear Text By Default

    There's a lot of tempest-in-a-teacup sensationalism in that link.

    The user is providing conflicting goals. Either the user wants the wireless password encrypted and unavailable from other users (uncheck the "share with other users" box), or the user wants the password open and available for all users (the default, box checked).

    Quote Originally Posted by miguelpires View Post
    Anyone have an Idea how to change this behavior and still let the other users to acces the pass?
    Not really. The purpose of encrypting your home directory is to prevent other users from accessing your data, including unshared wireless passwords. Letting other users access data encrypted by your key seems like a poor choice.

    Perhaps you mean "shared wireless passwords also should be encrypted separately." Rather like what PAM does for your login. And that's possible, if someone wants to write it. But have you looked in /etc/NetworkManager/system-connections/ ? You must be root to read it. Anyone with permission to view those plain-text passwords already has permission to become any user capable of decrypting.

    It's easy enough to to usability testing to find out which behavior most users expect to be the default. People come in all varieties - look at all the threads here of people who encrypted...but then expected automated tools like backup jobs and file sync daemons to have access to their encrypted data. The majority expectation of default behavior may still be something you or I don't like.
    Last edited by ian-weisser; December 27th, 2013 at 03:08 PM.

  3. #3
    Join Date
    Mar 2006
    Location
    Williams Lake
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Ubuntu Is Storing Wi-Fi-Passwords in Clear Text By Default

    The entire email conversation can be seen here.

  4. #4
    Join Date
    Mar 2011
    Beans
    680

    Re: Ubuntu Is Storing Wi-Fi-Passwords in Clear Text By Default

    This is not even slightly a big deal. Of course it does this, otherwise you would have to enter your password before you could connect to wifi.
    sig

  5. #5
    Join Date
    Apr 2011
    Location
    Mystletainn Kick!
    Beans
    8,005
    Distro
    Ubuntu

    Re: Ubuntu Is Storing Wi-Fi-Passwords in Clear Text By Default

    If someone can read that file, then you have bigger(much bigger) problems, as it is only readable/accessible/movable/copyable by root.
    Splat Double Splat Triple Splat
    Earn Your Keep
    Don't mind me, I'm only passing through.
    Once in a blue moon, I'm actually helpful
    .

  6. #6
    Join Date
    Aug 2011
    Beans
    464
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Ubuntu Is Storing Wi-Fi-Passwords in Clear Text By Default

    Encrypt your hdd and password protect it via BIOS and in no way they are getting to any of your passwords.

  7. #7
    Join Date
    Jan 2011
    Beans
    107
    Distro
    Ubuntu

    Re: Ubuntu Is Storing Wi-Fi-Passwords in Clear Text By Default

    Hi,
    For me is a little bit strange this situation. The average user don't need/have knowlege to encript the disk and set a Bios pass, and don't know that the pass of the wifi are in plain text.
    regards
    Miguel

  8. #8
    Join Date
    Jun 2011
    Location
    United Kingdom
    Beans
    Hidden!
    Distro
    Lubuntu Development Release

    Re: Ubuntu Is Storing Wi-Fi-Passwords in Clear Text By Default

    Quote Originally Posted by miguelpires View Post
    Hi,
    For me is a little bit strange this situation. The average user don't need/have knowlege to encript the disk and set a Bios pass, and don't know that the pass of the wifi are in plain text.
    regards
    Miguel
    The average user doesn't have access to the root account:

    Code:
    $ ls -l /etc/NetworkManager/system-connections/
    total 4
    -rw------- 1 root root 333 Dec 23 14:42 ####
    Code:
    $ cat /etc/NetworkManager/system-connections/####
    cat: /etc/NetworkManager/system-connections/####: Permission denied
    In summary, unless the user is root (in which case they can read your passwords anyway), you can't read the file, so it doesn't matter.

  9. #9
    Join Date
    Nov 2011
    Beans
    2,336
    Distro
    Ubuntu

    Re: Ubuntu Is Storing Wi-Fi-Passwords in Clear Text By Default

    All distros do this.

  10. #10
    Join Date
    Dec 2010
    Beans
    Hidden!

    Re: Ubuntu Is Storing Wi-Fi-Passwords in Clear Text By Default

    Quote Originally Posted by buzzingrobot View Post
    All distros do this.
    I see you beat me to it

    http://news.softpedia.com/news/All-L...n-412387.shtml

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •