Ive recently installed OpenSuse 11.2 and chose to install gnome with KDE4. Having done so i’m using kdm4 as the display mgr defined in /etc/sysconfig/display manager. However kdm4 reveals all the user names which I don’t really like. Ive tried others including console. After logging in manually ive typed startx gnome which fails. How do you continue to use kdm4 setting and omit the display of the user accounts.
Like most things in FOSS, this is configurable. In /usr/share/kde4/config/kdm/kdmrc we find:
# Enable user list (names along with images) in the greeter.
# Default is true
However I’m not sure that this the working copy since it’s in /usr/share which is supposed to be read-mostly. There appears to be a program called /usr/bin/genkdmconf. It may even be tied into a YaST module. Feel free to search for a GUI configuration editor.
The reason I dont want the local user names displayed is if they are displayed that gives anyone wanting to hack into the box part of the equation ie the local user names. If the users already have access then there is a degree of trust implied. Just feel its poor practice to display the users on the console.
Thanks to those who replied. I did find out the last user login and the list of available users can be removed from display manager by going configure desktop, advanced, login manager under kde and unselect the option for displaying users and also unselect the last user that logged in. So there is no indications from the console as who the local users are…
Your very correct the loss of physical security of a host without other measures in place negates anything that’s done at the console or any file persmissions that are set within the box. The host is totally wide open if you have physical access without the owner taking added steps. For me displaying the user names on the console is a poor security practice. Thanks though for bringing this to light.