Wednesday, 21 January 2009

Acer Aspire One Linpus - Password Protection

I now have an Acer Aspire One netbook, the 8GB Linux version which runs Linpus Lite on a "solid state disc".
Great as this little machine is out of the box I can't help feeling that on something this portable (and thus stealable) the lack of password protection on start up is a serious security issue. When you first set the One up it asks you to create a password but only asks for it when coming out of screensaver/suspend (if you select the option for it to do so). At start up auto login is enabled by default so no password is asked for. This obviously contributes to the One's impressive sub 17 second boot time but if you're as uncomfortable with the lack of security then you'll want to disable that auto login.

It took me some time and googling to find out how to do this so I'll spread the word here. It does involve a bit of Linux command line jiggery-pokery though so care is required.

First off, where's the Terminal? Not immediately obvious this. From the home screen open "My Documents". Then click File, and click Terminal. A nice command line terminal should appear with a prompt:

[user@localhost Documents]$

At the prompt type

sudo thunar

and hit enter

Thunar is the file manager used on the Aspire One and "sudo" means you want to run it as root, rather than as an ordinary user. If a password is requested enter the password you set up when you first set up your Aspire One. A new file manager window will appear, this time with a big red warning bar across it to indicate that you are using the root account!

Use the blue arrow button to go up one level then click "view" and "show hidden files". You should now be able to see all the system folders on the disk. You need to navigate to this folder:

/etc/rc.d/

so type /etc/rc.d/ into the location box (just above the red bar) and hit enter. the contents of the folder should be displayed. Scroll down until you see the file named

rc.S

Carefully right click this file, be sure not to accidentally double click it otherwise the file will run, all hell breaks loose and you will have to turn off your One and start again. Yes, that is the voice of experience :-( Click on "Open With" and "Open with "Mousepad"" The contents of the file will be displayed. You need to carefully edit this file as follows, if you get it wrong your One may become unusable so I suggest you print this bit or write it down, especially if reading this on your One.

First of all find the following line in the file

/usr/bin/xinit -- -br>/dev/null 2>&1 &

You need to comment out this line so it will be ignored by putting # at the start of it like this:

#/usr/bin/xinit -- -br>/dev/null 2>&1 &

Immediately below this line add a new line like this:

/usr/sbin/gdm

Now click File and Save, then File and Quit to close the window. Close all the other windows and restart the One.
When you reboot your Aspire One you will be presented with a login screen. The username is "user" and the password is whatever you set it to be when setting up your One.
You will also briefly see this screen when shutting down your One.

Some of the above I found on THIS SITE where there is more info, including a link to what to do if you forget to add the extra line and can't boot your One!

Although the Aspire One takes a little longer to start now I feel much happier with that little extra bit of security between my data and the bad guys. I hope this info is of use to others, feel free to spread it around.

4 comments:

Khairulnizam Bakeri said...

Good God.
I've been searching this stuff for days.
Thankazillion!

Don. said...

Glad to be of service :-)

wildrose said...

Thanks, your tip worked for me!

Benjamin said...

Alternatively press F2 on startup and set a bios password - that's even easier!