NetworkManager Security
At work we have a use case of using laptops to connect to customer’s wireless routers when providing support. Because NM defaults to always saving connections, in short time we have hundreds of connection files being stored.
The default behavior is to store all connections in /etc
. The default behavior is each connection file contains passwords in clear text. A gold mine for any thief.
We do not want NetworkManager saving these connections. We want the default configuration to be not saving connections. We want NM only to store a few common connection points.
For several years users and developers have debated NetworkManager (NM) storing wireless pre-shared keys in plain text. This is horrible security regardless of the defensive arguments. That the passwords are stored in /etc
is not as much an issue as the passwords in the system-connections
files are not at least hashed.
That only root can read the files is irrelevant. A live USB defeats that argument in 60 seconds or less. Overwhelmingly laptops are used when using wireless and laptops are easily stolen. A counter argument is such laptops should be fully encrypted.
Passwords can be encrypted but each connection must be configured to store the password in the user’s keyring. Probably not a big deal for most users who use only a half dozen or so connections, but inefficient and error prone because the user must remember to make this change. I know of no way to make this the default behavior.
A related security issue is I know of no way to configure the default behavior to treat connections as temporary or session-only rather than persistent. The command line nmcli
seems to have some support for this, but this seems to be a one-shot deal.
Another security issue is I know of no way to set the defaults to not saving passwords at all. While this can be tweaked manually with a text editor for each connection profile, there is no global feature to set the default behavior.
At the moment I know of no solution other than a boot script to scrub all unwanted connections.
Side note. NM does not contain decent intelligence with connecting to Ethernet. When I connect with Ethernet at home, power down, and then connect to Ethernet at work, NM insists on connecting to the home connection. I do not use DHCP at home, hence the different connection profiles. Conversely, after configuring the correct Ethernet connection at work, when I return home NM will connect to the work profile.
Posted: Usability Tagged: General
Category:Next: CentOS and VirtualBox
Previous: Sluggish Laptop