How to enable Automatic login in GNOME GDM 2 on
GNU / Linux
I needed to
enable automatic passwordless login in my Debian
GNU/Linux ...
GNOME and
GDM desktop environments developed a lot
through the last few years, achieving these simple task was doable
only through gdm manual configurations. Nowdays
creatiion of
user to login without any password is easy via easy to use GUI
program.
In this article I'll explain, few ways to enable automatic login in
GNOME The quickest way is to navigate in GNOMEs
gnome-control-center -> Login Window submenu
To do so launch gnome-control-center - press (ALT+F2) keys
and type in gnome-control-center, or launch via command line
in gnome-terminal or xterm:
hipo@debian:~$ gnome-control-center
While inside the control center find en launch the Login
Window as in the screenshot below:
Login Window configuration can be also done directly by
launching gdmsetup from command line e.g.:
hipo@debian:~$ /usr/sbin/gdmsetup
...
gdmsetup will further pop up a window asking to type in the
root password to allow you to customize, how gdm will deal
with user logins.
For who might not know gnome well architecture, gdmsetup is part of
the gdm (Gnome Display Manager) package and is the default login
program used to login the end user in most of the modern Linux
based distributions as well as BSDs. gdm logins the users on many
of the free software OS desktop environments like GNOME, LXDE,
XFCE... Just to name a few of the many Linuces counting on GDM to
handle the user logins: Ubuntu, Xubuntu, Fedora, Debian, Linux
Mint, OpenSUSE etc.
Once the Login Windows Prefences appears go to the Security
tab.
As you can see in the screenshot, what you can do with gdmsetup it
is pretty self-explanatory:
The two options of interests for user authorization without pass
are:
a. Enable Automatic Login
To enable: - put a tick on Enable Automatic Login
- from user dropdown menu, choose the user which has to be
configured
b. Enable Timed Login
Enable Automatic Login lets the user login without any user
password input, immediately after the configured username is typed
in (if gdm is with type username prompt).
In case where the usernames are represented by Avatars,
(like its in most user friendly Linux distributions), once clicked
avatar the user is logged in.
When Enable Timed Login is ticked and a username is choosen
or typed, instead of immediately logging the user on click or
username input, the user logging is delayed with a number of set
seconds .
Enabling the Automatic and / or Timed Login is doable also
using few simple configurations directives in /etc/gdm/custom.conf.
In many distros /etc/gdm/custom.conf will be not existing
and hence the file has to be created.
To enable delayed autologin without password for a user using gdm
config:
Create the file with a text editor ( vim, joe, nano
)whatever your favourity and place inside:
[daemon]
TimedLoginEnable=true
TimedLogin=hipo
TimedLoginDelay=30
The above gdm config vars can also be placed inside
/etc/gdm/gdm.conf but for the sake of clarity its better if
custom.conf is used.
If you don't want to bother with a text editor copy paste inside
any terminal lets say mlterm :
echo '[daemon]' >> /etc/gdm/custom.conf
echo 'TimedLoginEnable=true' >> /etc/gdm/custom.conf
echo 'TimedLogin=hipo' >> /etc/gdm/custom.conf
echo 'TimedLoginDelay=30' >>
/etc/gdm/custom.conf
To enable auto-login for a user on a first PC boot in
/etc/gdm/custom.conf put:
[daemon]
AutomaticLoginEnable=true
AutomaticLogin=hipo
An auto login can also be done by using the TimedLoginDelay
gdm config directive by putting insetad of the previous code a code
like:
[daemon]
TimedLoginEnable=true
TimedLogin=hipo
TimedLoginDelay=0
Where hipo is my desired username that will autolog, and as you see
the LoginDelay is 0 (e.g. no gdm login delay)
I attempted to also allow autologin for several users with some
cinfigurations like:
[daemon]
AutomaticLoginEnable=true
AutomaticLogin=hipo
AutomaticLogin=other-username
as well as configurations like:
[daemon]
TimedLoginEnable=true
TimedLogin=hipo
TimedLogin=other-username
TimedLoginDelay=0
In gdm3, the location of GDM config files should be
/etc/gdm3/ directory, anyways the configurations directives should
be working just like in gdm2
After any configuration changes to gdm.conf or custom.conf to load
the new settings in gdm a gdm daemon restart is necessery with
cmd:
root@debian:~# /etc/init.d/gdm restart
...
Note that, weirdly not using the gdm init script and trying to kill
-HUP $(pidof gdm) / killall -9 gdm will not make gdm to load its
new configurations. So always restart via /etc/init.d/gdm restart
after gdm conf change.
Another alternative method to achieve login without a password
input is by creating a passwordless user account on the system.
This method is not recommended though, especially for machines with
real IP addresses visible from the Internet (with lets say enabled)
SSHD access.
Using a passwordless system account can expose the system to a
severe security risk!!! Anyways, for systems not running
telnet/sshd or any other system remote access service creating a
user without an empty password might be not such a bad idea.
To make a user auto login without any password input
/etc/shadow file (storing all user account information)
needs an edit.
This is an example user entry taken from /etc/shadow:
test:$6$OPdvXArZ$ktujC6bBh9JNaCz8E9v61yNeWcJHqQiuNk8eBzevcwcIl8KFvQzJ6aBCvVpIs0Lf5MAbHjjqftUeN9crWUfxs.:15275:0:99999:7:::
Now to make the test user login directly without any pass input,
one can just remove his encrypted password string. After the change
the user line in /etc/shadow, should be:
test::15275:0:99999:7:::
If the user is created just from scratch e.g. (a new user) that
needs to login passwordless in GDM, create it without
password:
root@debian:~# adduser -d newusername
To sum it up the good thing about the remove password hash method
to auto login a user is that it will allow user or users login
across all Display Managers (not only GDM specific).
The bad side is it is very insecure and therefore in most times a
really bad practice.
I guess the described ways to login without password in Gdm on
FreeBSD should similar, unfortunately right now I have not access
to BSD running desktop to test it. If someone has tested it and can
confirm it works it will be great to drop a
comment.