NM fails to connect when booting ?? -[SOLVED]

Matthew Saltzman mjs at clemson.edu
Wed Mar 18 17:05:31 UTC 2009


On Thu, 2009-03-19 at 00:48 +1030, Tim wrote:
> On Wed, 2009-03-18 at 11:54 +0000, Timothy Murphy wrote:
> > Am I alone in thinking the "per user" paradigm is crazy?
> > How many people actually have WiFi laptops used by several people
> > who want to connect in different ways?
> 
> How many average users would have a wireless access point that lets them
> have different user logons?
> 
> Every one that I've seen has just ONE set of logon credentials for
> everything that connects to it.  I strikes me that this per-user idea is
> being implemented in the wrong way.  It could only work for something
> beyond the actual wireless connection.

Any serious enterprise?

WPA with PEAP is standard here.  User credentials are checked against a
system-wide userid/password directory.  Only credentialed
employees/students can gain access to the campus network.  Guests have a
separate, restricted network that is open for anyone.

There certainly are reasons to support system-wide, on-boot connections,
but per-user connections are a good model for many mobile apps.  

Now, my laptop doesn't get much use from different users, but I do have
to control many different connections:

      * home (WPA)
      * office (WPA/PEAP)
      * Jittery Joe's (NOT Starbucks!)
      * remote office I visit frequently (currently WPA)
      * homes of several different friends, family, and colleagues
        (typically WPA or WEP)
      * hotels and airports (and Starbucks 8^( ) when I travel
        (Web-authenticated access)
      * remote work locations (could be anything).

Accessing those on boot doesn't make much sense (how would I choose
which connection when multiple ones are visible, and how would I
authenticate?), and I don't do much with the laptop that doesn't involve
being logged in.

I don't think my usage pattern is all that unique.

Per-user access controls in NM do have one problem: once I've
authenticated, if I log out, the connection stays up and the next user
is still authenticated with my credentials.  For work, that would be a
problem if the machine were actually multi-user and I didn't trust other
users, because the network managers expect the logged in user to be the
authenticated user.  For other locations, it might be a problem if the
next user isn't authorized.

-- 
                Matthew Saltzman

Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs




More information about the fedora-list mailing list