I’m on a desktop PC that’s in my home office. I have personal documents and clients’ intellectual property on it (source code, databases, documents, etc.). Hence, I like to use full disk encryption on all disks. Nobody else uses this PC besides me and it’s safe at home. The only threat vector is if somebody gained access to my room and stole the computer. It’s very remote, but still technically possible (if you think I’m exaggerating, I’d like to learn your opinion). Maaaaybe if I was sending the nvme for RMA, that’s also a threat, but I have never had an SSD break on me. Never. I know it’s anecdotal and sometimes they break, but I had multiple and I think it’s such a small chance…
LUKS is a bit of a pain with having to type the passphrase on each boot. So I had it on auto-unlock via TPM, which works great when it works, but a) is also a pain when it breaks (usually due to system upgrade that changes something and I forgot to re-enroll the keys or re-generate the PCRs), b) according to Arch wiki it’s unsafe, if anybody has physical access to my PC – so essentially the only threat vector I was trying to protect myself against is not protected against.
But I was thinking – I am OK with typing one password on boot. I just don’t want to type two different passwords one after the other. What if I set autologin in my Desktop Environment (GNOME or KDE), but left LUKS locked down with a passphrase? Wouldn’t that be safe? It’s a single user system, nobody will use it. If it gets stolen, it’s been shutdown and then they can’t gain access because of LUKS.
Am I thinking correctly?
Yeah, it is safe.
But last I checked, enabling autologin means your GNOME Keyring / KDE Wallet won’t unlock automatically. Something to keep in mind.
Is that why my gf keeps getting that wallet thing on every reboot and I don’t? She only wanted to put a password for updates (well not really but she has no choice) there is nothing on her pc but games, no personal info
Yeah, that’s most likely the reason.
That’s a bummer. I still don’t know what it’s useful for, except for not having to type SSH passphrases. I think it doubles as a password manager? I don’t need that, I use Bitwarden.
I think KDE stores Wi-Fi passwords in the wallet. Plus various third-party software may store its secrets in there.
Ok. That seems important then. Having to type the WiFi password would be even more annoying. :) The other part seems important, too.
Now it makes me wonder how non technical people who have auto login enabled deal with it. I mean, I’d expect it to work like on Windows.
Windows is hella insecure
What if I set autologin in my Desktop Environment (GNOME or KDE), but left LUKS locked down with a passphrase? Wouldn’t that be safe?
Probably safe enough
I don’t know anything about anything, but as far as I know anyone with physical access to an unencrypted Linux computer can get in easily. I agree with you that auto login should be fine for your threat model.
