Migrating a Business to Linux — 7
One of the challenges encountered in our migration at work is configuring NetworkManager (NM). NM is designed to store passwords and pre-shared keys (PSK) in the /etc/NetworkManager/system-connections directory. This sensitive information is stored in clear text rather than hashed.
Although we are encrypting our laptops, encryption does not protect a system that is powered on with the user logged in. Although the risk is minimal, there is the possibility of a system being compromised while in that state.
Because the credentials are not hashed, I decided to use the GNOME keyring to store the information. That way the information is not stored in /etc in clear text. This approach works — except when auto-login is used, NM is configured to auto-connect, and a password or PSK is required. At that point the infamous Unlock Login Keyring dialog appears.
There are only a few options.
- Disable auto-login.
- Disable the NM auto-connect.
- Store the credentials in
- Manually configure the connection profile to never save the PSK.
Of the first two laptops we are testing in our migration, one is called our bench PC. That laptop always remains on our test bench. Although physically portable, the system is treated as a stationary system. With that laptop we regularly swap wireless and Ethernet. Almost always the laptop is powered on without the Ethernet cable connected, which means prompting for the wireless PSK.
Unlike field laptops, with the bench laptop we prefer a tad of convenience over security. The risk of compromise is low because the laptop is located in the office on the test bench. Using auto-login makes sense, as does having NM auto-connect. The only way to do that is to allow NM to store the credentials in /etc in clear text.
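An added example, not from the original post: a Python audit that lists which connection profiles hold a secret in clear text, useful for confirming that only the bench laptop does. It assumes NM's keyfile format and its documented secret flags (1 = agent-owned, 2 = not saved); the function names and sample profiles are constructed for illustration.

```python
import configparser, os, stat, sys

# Secret-bearing keys in NM keyfiles. A value present here is stored in clear text;
# "<key>-flags=1" hands the secret to an agent (keyring), "=2" never saves it.
SECRET_KEYS = {
    "wifi-security": ("psk", "wep-key0", "leap-password"),
    "802-1x": ("password", "private-key-password"),
}

# Constructed sample profiles (not from the original page).
SAMPLE_SYSTEM_STORED = """[connection]
id=bench-wifi
type=wifi
autoconnect=true

[wifi-security]
key-mgmt=wpa-psk
psk=constructed-example-passphrase
"""
SAMPLE_AGENT_OWNED = """[connection]
id=field-wifi
type=wifi

[wifi-security]
key-mgmt=wpa-psk
psk-flags=1
"""

def cleartext_secrets(keyfile_text):
    """Return sorted 'section.key' names whose secret is written in the keyfile."""
    cp = configparser.ConfigParser(interpolation=None, strict=False, delimiters=("=",))
    cp.read_string(keyfile_text)
    return sorted(f"{s}.{k}" for s, keys in SECRET_KEYS.items() if cp.has_section(s)
                  for k in keys if cp.get(s, k, fallback=""))

def audit_dir(path="/etc/NetworkManager/system-connections"):
    """Map each profile file to (cleartext secrets, any group/other permission bits?)."""
    report = {}
    for name in sorted(os.listdir(path)):
        full = os.path.join(path, name)
        mode = os.stat(full).st_mode
        if not stat.S_ISREG(mode):
            continue
        with open(full, encoding="utf-8", errors="replace") as fh:
            report[name] = (cleartext_secrets(fh.read()), bool(mode & 0o077))
    return report

if __name__ == "__main__":  # run as root: the directory is normally root-only
    for name, (secrets, loose) in audit_dir(*sys.argv[1:2]).items():
        print(name, "cleartext:", secrets or "none", "| loose perms:", loose)
```

Run it as root on each laptop; a field laptop should report no clear-text secrets, and every profile should report no group/other permission bits.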
NM is not well designed. Hashing credentials would resolve serious security issues. Allowing users to not store connections as the default setting would avoid storing hundreds of unwanted connections.