Bug 1189027

Summary: The ability to configure what the password should be, as well as its generation
Product: [openSUSE] openSUSE Distribution Reporter: Nikolay Sabelnikov <79625490833>
Component: InstallationAssignee: YaST Team <yast-internal>
Status: CONFIRMED --- QA Contact: Jiri Srain <jsrain>
Severity: Enhancement    
Priority: P5 - None CC: 79625490833, ancor, kanderssen, mfilka
Version: Leap 15.3Flags: kanderssen: needinfo? (79625490833)
Target Milestone: ---   
Hardware: Other   
OS: openSUSE Leap 15.3   
URL: https://trello.com/c/Y5v7kRJA
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Nikolay Sabelnikov 2021-08-03 17:18:21 UTC
Add the ability to use a user without a password, i.e. the user does not have a password like this. In linux, this is possible, but neither the yast2 setup nor the installer allows you to remove the password, nor install a user without a password.
Comment 1 Nikolay Sabelnikov 2021-08-03 18:46:39 UTC
I found the setting of the password itself, but I also wanted to set up the password itself and the ability to generate it in the installer.
Comment 2 Knut Alejandro Anderssen González 2021-08-04 15:16:21 UTC
As this is a enhancement or feature request, it would be nice if you could elaborate a little bit the use cases.

So, could you provide some examples where it could be useful?
Comment 3 Nikolay Sabelnikov 2021-08-04 15:44:08 UTC
I found the password setting in security and was able to remove the password. So, here is to add to the installer the ability to configure a password, when creating a user, with what and how many characters, letters, numbers, and possibly without password creation of a user.
Comment 4 Ancor Gonzalez Sosa 2021-08-24 14:03:05 UTC
Creating a user without password is a pretty specialized case. Of course there might be use-cases for it, but I don't think it's something to be offered as an option in a normal installation. We don't want to encourage such an insecure setup. Admins needing that are surely knowledgeable enough to configure it manually.

If I read it correctly, you also suggest to integrate a passwords generator into YaST (which is, by the way, a completely separated topic). That may make more sense, it would also be usable to set the key for encrypted devices. Something similar was suggested here [1]. It would need a good UI design and it will bring some security and usability concerns, but is maybe a possibility worth exploring.

[1] https://bugzilla.suse.com/show_bug.cgi?id=1185291#c3
Comment 5 Nikolay Sabelnikov 2022-01-02 13:31:46 UTC
(In reply to Ancor Gonzalez Sosa from comment #4)
> Creating a user without password is a pretty specialized case. Of course
> there might be use-cases for it, but I don't think it's something to be
> offered as an option in a normal installation. We don't want to encourage
> such an insecure setup. Admins needing that are surely knowledgeable enough
> to configure it manually.
> 
> If I read it correctly, you also suggest to integrate a passwords generator
> into YaST (which is, by the way, a completely separated topic). That may
> make more sense, it would also be usable to set the key for encrypted
> devices. Something similar was suggested here [1]. It would need a good UI
> design and it will bring some security and usability concerns, but is maybe
> a possibility worth exploring.
> 
> [1] https://bugzilla.suse.com/show_bug.cgi?id=1185291#c3

this topic closely echoes the recent open topic https://bugzilla.suse.com/show_bug.cgi?id=1194042
Comment 6 Nikolay Sabelnikov 2022-01-10 14:11:31 UTC
(In reply to Nikolay Sabelnikov from comment #5)
> (In reply to Ancor Gonzalez Sosa from comment #4)
> > Creating a user without password is a pretty specialized case. Of course
> > there might be use-cases for it, but I don't think it's something to be
> > offered as an option in a normal installation. We don't want to encourage
> > such an insecure setup. Admins needing that are surely knowledgeable enough
> > to configure it manually.
> > 
> > If I read it correctly, you also suggest to integrate a passwords generator
> > into YaST (which is, by the way, a completely separated topic). That may
> > make more sense, it would also be usable to set the key for encrypted
> > devices. Something similar was suggested here [1]. It would need a good UI
> > design and it will bring some security and usability concerns, but is maybe
> > a possibility worth exploring.
> > 
> > [1] https://bugzilla.suse.com/show_bug.cgi?id=1185291#c3
> 
> this topic closely echoes the recent open topic
> https://bugzilla.suse.com/show_bug.cgi?id=1194042

I opened it.