Security Overkill - Getting rid of the Authentication Password


#1

Hi Folks,

I am a recent addition to the Linux hair pulling club for nerds and need a bit of help. Hopefully you will find this call for help entertaining.

My experience so far has been a ridiculous run around to try to get reliable and complete instructions for the latest version of Ubuntu 18, even to be able to do what I consider to be the tiniest of simple things. But I am plugging away and getting there.

My latest head screw of an issue… I plugged in an external USB Hard Drive 1TB which stores all my backed up user files created on Windows machines. I proceeded to copy and paste folders containing thousands of files into newly created folders in my Documents directory. I’ve already had the terrible fun of setting up permissions for these directories and was successful sharing them across my network using Samba and messing around until I was able to read, write and delete into these folders from my other Windows machines. So it all should have been easy. But here I am, having left my computer running overnight in the hope the copy process would be near completion and instead I have it telling me that some copy processes are going to take thousands of hours to complete (an over-estimate I know, not worried about that so much) AND it is asking me for password authentication about every 15 to 20 minutes. It is honestly infuriating.

How do I get rid of this overkill of security and remove the need to constantly give my authentication code?

I describe the security arrangements with the following analogy:
I am in my house. I have locked all external entrances. I have double bolted all external entrances. There are bars on all the external entrances. I am safe yet here inside my house, I am running around with keys opening and locking every door as I go through it. Every door has a lock. Every cupboard and drawer has a lock. The toilet seat has a lock. And I have to identify myself to every lock so the lock knows it is me or at least some dude named Sudo. And while all this is going on, I am somehow still encouraged to imagine there is a hidden basement somewhere with a wide open door letting in criminals and murderers. It is crazy.

Maybe I selected the wrong options when installing but I now need to bring some sanity back to this machine.

Your help is much appreciated.


#2

Could you maybe provide a screenshot of the authentication window you are seeing?


#3

Yes, as @Razvan_T_Coloja suggested it would be nice if you can provide more information about the locking system you are referring to.

The only thing I can think with a given information is a screen-lock. If this is the case know that all processes initiated ( in this case your copy process ) is still running even though your screen has been locked.

If by any chance you are referring to sudo authentication, simply gain access to root shell using:

$ sudo -i

This will provide you with root shell indicated by # and no more authentication requests would be initiated unless you create a new session. However, this comes with a risk of you inadvertently damaging your system.


#4

No it is not a screen lock.

I opened Nautilus (the file browser), I go back down a few levels, open my Home directory as an administrator, input my password into the authentication window, navigate to the destination folder then copy the files on the USB drive into this destination folder.

The lock I am talking about is the authentication window. No sense giving a screenshot as it looks the same for everyone running gnome on Ubuntu. In my opinion, once I initiate a Copy and Paste process using this method, it should copy all folders and files reliably without interruption. As it is, it cannot be trusted to perform this vital and fundamental process.

How do I remove the need to keep entering my password?


#5

Have you tried to open the Nautilus file browser directly as a root? For example you can try the following.

Open a terminal and execute the following commands. First gain root access, create a Nautilus configuration directory by using mkdir command and finally start nautilus:

$ sudo -i 
# mkdir -p /root/.config/nautilus
# nautilus

From here you do not need to open directory as an administrator since you have started the Nautilus as an administrator already hence given a root access to entire file-system. See if it helps! Be careful not to inadvertently damage your system. With great power comes great responsibility:-)

The other alternative, which is guaranteed to work is to copy your files iby using the cp command from a terminal as a root user terminal.


#6

Press Alt+F2 and type gksu nautilus then enter your password. It will open Nautilus with root privileges and you can do whatever you need to do and won’t be asked for a password again while copying files using this administrator instance of the file manager.
Just be careful what you do because having root privileges you also gain write access to all files on the system.


#7

Good thinking! However, in my case I was not able to use it as the gksu command package has been rendered obsolete and no longer available on Ubuntu 18.04. However it is still available on Ubuntu 16.04 so you are right, it should be mentioned here too.

The pkexec supposed to be replacement for gksu but at least in my case the solution was more messy than the sudo -i approach.


#8

Thanks for trying to help Razvan and Lubos. I hate to say it though but forum threads littered with obsolete solutions that veteran users propose for the latest incarnation of Ubuntu are a major part of the problem I am facing with getting reliable information to run Linux. Pair this social phenomenon with the fact that Google’s algorithm favours age, use and popularity and so tends to push the obsolete data to the top.

I did find this video which is Dec 2017 so relatively new. I am not quite understanding it completely yet but it would appear to suggest there is a configuration file available for setting permissions.


#9

Yet another complication that makes it important for me to get the permissions right…

I am using a program called Syncback on Windows to make sure the backup folders on the old machine are synced on the Ubuntu machine. It is copying files using a mapped network drive to the Ubuntu share. All permissions say it should be working yet I am getting lists of thousands of files failing to copy. Here are some of the messages:


Failed to copy from Left : Cannot copy file (64): The specified network name is no longer available

Failed to copy from Left : Cannot create folder: \Ubuntu_computer\username\the shared folder in the home directory\folder path copied from the source on my windows machine\ (The specified path is invalid)


The network location is definitely still valid and the path is definitely correct. It is a direct copy so can’t be wrong.

I originally set the permissions using what I learned from here:
https://linuxconfig.org/how-to-configure-samba-server-share-on-ubuntu-18-04-bionic-beaver-linux
I then found out I could open nautilus using administrator privileges and set permissions using the right mouse button.


#10

I am hoping for a solution that gets rid of this problem permanently. It really should not be necessary to switch users, switch modes or use the terminal to avoid these permissions. The permission requirement itself needs to be turned off.

“Be careful not to inadvertently damage your system.”
More likely to happen when security overkill prevents me from:

  1. Understanding the system I am working with.
    and
  2. Undoing changes I’ve made.

#11

The tutorial you posted will teach you how to remove authentication prompts issued by both applications and the command line but be aware that this is strongly adviced against (and this is an understatement). You will at some point damage your system if it doesn’t prompt you for a password when you are required to perform administration-level tasks.
Linux is not like Windows. What drives you “insane” (the authentication prompts) is actually part of what makes Linux much more secure than Windows. Without prompts you might launch a malicious application and it will not ask you if it should perform actions affecting your PC at a system level; it will just do it and you will not know about it until it’s too late.
Those prompts you see are for your own protection. They might seem irritating if you come from a Windows world but I remember the days when Windows XP had no problem in launching whatever apps you wished or didn’t wish to run and it was a cesspool of viruses because of that. Windows NT and later Windows ME, 2000, Vista, 7, 10 gradually took care of these problems by implementing more password promps, warning and such.
I would leave the system as-is and try to get used to it if I were you.

Regarding you second reply, it seems this is a network problem. Are you able to right-click on that share (network drive) from within Windows and create a new file or folder? If not - that’s the problem. Either pemissions for the share are not set accordingly (you need to check the Read/Write boxes for the folder in the folder permissions dialog in Linux and make sure the changes affect all subsequently created subfolders) or there is a problem with your network configuration. The problem might be on the Windows side or on the Linux side.
It’s hard to tell without more information.

But let’s take a look at how that share is configured. Open the /etc/samba/smb.conf file in a text editor on your Linux PC and copy/paste its contents here please.