here is how to set autologin and disable screen lock for dom0 XFCE

1,057 views
Skip to first unread message

Anonymous

unread,
Nov 14, 2015, 5:14:58 AM11/14/15
to qubes...@googlegroups.com
In the dom0 terminal edit the [SeatDefaults] section in the file /etc/lightdm/lightdm.conf so that the following 4 lines are uncommented:
pam-service=lightdm
pam-autologin-service=lightdm-autologin
autologin-user=
autologin-user-timeout=0

...and also append your dom0 user name to the autologin-user line as follows (where "user" is your username):
autologin-user=user

Finally, so you don't have to remember the login password anymore at all (as it is better to save your memory for your encryption key passwords) you also might want to turn off the screen lock by unchecking the "Lock Screen After" box under SystemTools->Screensaver and also deselecting "Lock screen"from the "When laptop lid is closed" dropdown menus under System Tools->Power->On AC and System Tools->Power->On Battery in the Qubes graphical interface.

We recommend that this be the default configuration packaged by the official Qubes developers as a better fit for the Qubes OS threat model.

Unman

unread,
Nov 14, 2015, 7:16:48 AM11/14/15
to Anonymous, qubes...@googlegroups.com
You have a different threat model from me, and, I suspect, many Qubes users.

I wouldn't support this as default configuration.

Marek Marczykowski-Górecki

unread,
Nov 14, 2015, 10:40:44 AM11/14/15
to Unman, Anonymous, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Yes, exactly. While autologin may, in some situations, be useful (you've
just authorized yourself with LUKS password), disabling screen locker _in
default configuration_ is a bad idea.
If you want save memory for LUKS password, and not worry about
shoulder-sniffing the password, you can use the same password for both
LUKS and the user (so screen locker).

- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJWR1X1AAoJENuP0xzK19csvFQH/i7H5mO/7VVn0GlyzZL1GNCt
P6PL2epf/7cTaqvf+2/GObpLWgQtk2KNY7awuniZLt90SH3/wrB1IhXGPcXaC1iO
1LA98fqErrVctXndvhHaGwkBDfR4MiuY1Hvj3Hl83Ocopy1Bi77xQ1/ePPCF+WAP
2z6us8Ii0WuKzW85zlE/N6iDU3b6GAfAH+f4orINAZE1L2QIAq5PQfA7U9Mutisc
bLTKr4Okcqu6KshdLLviYG4qFhpKtWVb6UBTucZvxlt3QRwljxRoTgCiWMP6UqIS
Ja9nvxEfmREpEE0VCDYc79wiWSiIibhwkRb7Iqm9gtUMCo1sxp62Fl395SivXfc=
=2PLT
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages