Changing root password screenshots

Hi,
can someone please attach screenshots of the keyboard of the Librem 5? I need them right from the area where I type sudo passwd. I have forgotten the symbols I used, but in the lockscreen the layout is different. I have a US keyboard. Please help as fast as you can!

Thank you so much!

1 Like

Thanks for your help, but i need symbols not just letters.

1 Like

So, you're hoping muscle memory will save you, huh? Good luck!
These are what’s on squeekboard, but I wonder if you mean the other one…


1 Like

1 Like

And just in case that “lockscreen” was referring to LUKS password, that uses the other keyboard (sorry for the image quality, couldn’t screenshot)


2 Likes

Does the Librem 5 have two passwords that can be changed? What exactly are the commands to change the root and sudo passwords? I have managed to get in with the old password, not with the newly changed one!
How is that possible? Did I make any mistakes?

To all, thanks again for the screenshots!

1 Like

Yes:

passwd purism

The LUKS decryption password on the partition can be changed using GNOME Disks.

Just to clear up a bit of confusion if you're new to this: the user, root and sudo (and sometimes "pin") password (or number) is the same for the normal L5 user. LUKS is the disk encryption and has a separate password that is used first, when the phone boots.

[edit to add: To be pedantic, the root password and what you use doing sudo are not the same thing, although the effect for basic use is. If you don’t care, don’t worry, it’s not necessarily relevant to know for normal use.]

2 Likes

With the passwd command I have successfully changed the password which I used for a long time. I now have a stronger password, but what about security? I also have a disk password. About passwords and brute forcing I will explain in another topic.

Thanks.

1 Like

Password security is what Linux password security is - you'll get more in-depth answers from other sites. The only L5-specific security feature is the possibility to have a random keypad for a PIN-type, number-based password, which is a measure against over-the-shoulder or video-based attacks (trying to see what your pw is). But that doesn't work if you are using a more regular type of password with letters and symbols (since you need to switch to the keyboard from the keypad).
I suppose someone could create a randomizing keyboard layout too. It's weird at first, to fight against muscle memory when typing, but it's doable and easier after a while. It's another matter if you consider your risk profile to be such that you want a stronger password (vs. the risk that comes from using the L5 in public).

2 Likes

Note that the root account is disabled by default and there is no root password. You can if you wish, enable the root account in which case you “must” also set a root password, but I am not aware of any benefit in doing that and, if you are concerned about security, it is probably a step backwards.

The password that you use for sudo is the purism password, which you should be able to set from the terminal prompt with passwd (without specifying sudo or anything else).

You can also set the purism password from the GUI.

The purism password is used to

  • unlock the screen (initially after boot or any time that it locks due to inactivity)
  • use the sudo command

True but for sure if you are in practice using a numeric purism password, it will be able to be brute-forced in no time flat.

2 Likes

One of the more popular references is this table that is updated yearly (comes from very comprehensive post about passwords and how breakable they are)


(Note, you want/need to have a password that is a box or two better than what you might consider "ok" to future-proof it for a year or two [edit to add: Note also that the protections of the pw affect the actual times, as well as the computing resources used and several other factors, so the main takeaway from that should be just the relative strength/weakness of different types of pw])

As can be seen, a number needs to be ridiculously long to really compete with a proper password (remembering that this is just indicative of length - if it's guessable, it's much faster with different techniques). The good thing is that the number (if used akin to a PIN) on the L5 can be longer than the standard 4, 5, or 6 digits. The bad thing of course is that that's not enough compared to password needs. The blog post goes into good detail about the specifics.

It would be a really nice usability feature if there was a separate lockscreen PIN, but like I said, it depends on the use/risk profile. A randomised keyboard (like with the keypad) would be an interesting option (could use more screen space, showing more and bigger buttons), if anyone is interested in implementing that feature.

[edit: btw. sorry for the lack of pedantry about the "root" password - I lumped it together in the earlier message, as for a new or basic user the separation between sudoing and root may be irrelevant]

4 Likes

One way of looking at it is … you must change your password every X seconds where X is less than how long it would take to brute force (and really most people would suggest less than X/2 to cater for the average brute force time). So if you would tolerate changing your PIN at least every 6 months, perhaps length 14 is OK-ish.

You have to adjust the fraction of X according to your risk profile. Personally I would say maybe X/200 hence length 16 could be OK if you are willing to change your PIN every 6 months.

The problem with that table is that 12 video cards is far far too low if you face a large corporate or a state actor or a botnet as your threat.

Personally, as general advice, I would say: divide that time period by 100,000. Few attackers will be able to wrangle 1.2 million video cards.

In my opinion … the unlock PIN should be different from the purism password. Period.

Or alternatively purism should not have sudo rights and should not need it. (To be honest I haven’t tested the Librem 5 with sudoers edited so that purism can’t sudo any more - to see what breaks. But obviously you need a Plan B in order to regain sudo access before trying that experiment and I do have that on my phone.)

2 Likes
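A back-of-envelope calculator for the change-interval rule in the post above, added here as an example and not taken from any post in the thread; the 1e6 guesses/s figure for the 12-GPU baseline is an assumption chosen so that the 14 (X/2) and 16 (X/200) digit counts come out, not a measured rate.

```python
# Added example for this thread (not code from any post): a back-of-envelope
# version of the "change your PIN every X/divisor seconds" rule, where X is the
# time to exhaust the keyspace. ASSUMPTION: the 12-GPU baseline guesses a slow
# hash at 1e6 guesses/s; this figure is chosen so the thread's "14 at X/2,
# 16 at X/200" numbers come out, and is not a measurement.

SECONDS_PER_YEAR = 365.25 * 24 * 3600
SIX_MONTHS = SECONDS_PER_YEAR / 2
BASELINE_GUESSES_PER_SEC = 1e6      # assumed: 12 GPUs vs. a slow hash
DIGITS = 10                         # numeric PIN alphabet
PRINTABLE_ASCII = 95                # letters, digits and symbols


def brute_force_seconds(length, alphabet_size, guesses_per_second):
    """Worst case: time to try every value of the given length."""
    return alphabet_size ** length / guesses_per_second


def max_change_interval(length, alphabet_size, guesses_per_second, divisor):
    """The rule from the thread: rotate the secret every X/divisor seconds."""
    return brute_force_seconds(length, alphabet_size, guesses_per_second) / divisor


def min_length_for_interval(interval, alphabet_size, guesses_per_second, divisor):
    """Smallest length whose X/divisor is at least the desired rotation interval.

    Integer loop instead of a logarithm so rounding cannot shave a digit off."""
    needed_guesses = interval * divisor * guesses_per_second
    length = 1
    while alphabet_size ** length < needed_guesses:
        length += 1
    return length


def compare_attackers(interval=SIX_MONTHS, divisor=200, scale_up=100_000):
    """Required PIN vs. password length for the baseline attacker and for one
    with scale_up times the hardware (the thread's 'divide by 100,000')."""
    rows = {}
    for label, rate in (("12 GPUs", BASELINE_GUESSES_PER_SEC),
                        ("1.2M GPUs", BASELINE_GUESSES_PER_SEC * scale_up)):
        rows[label] = (min_length_for_interval(interval, DIGITS, rate, divisor),
                       min_length_for_interval(interval, PRINTABLE_ASCII, rate, divisor))
    return rows


if __name__ == "__main__":
    for attacker, (pin_len, pw_len) in compare_attackers().items():
        print(f"{attacker}: PIN needs {pin_len} digits, password needs {pw_len} chars")
```

Swap in your own guess rate for the hash your system actually uses; the point is how the required digit count moves with the attacker's hardware and the rotation interval, not the absolute numbers.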

It is also worth noting that LUKS plays a role here because brute forcing from the hashed version of the password is only possible if the attacker is able to get that hash. If you don’t use LUKS then it should be assumed that the hashed version can trivially be obtained. If you do use LUKS then it is trickier for the attacker.

I use LUKS and with current technology my LUKS passphrase should outlive planet earth. :wink:

But current technology is advancing faster than planet earth is moving towards death … and this algorithm is I would think not Post-Quantum (either Argon for LUKS or bcrypt for the password). So we will need software upgrades.

2 Likes

This is where injection from a Yubikey of an extremely complex password would be helpful

1 Like

Yes, using any MFA method would make security much better. Let’s not forget that quantum resistant blogpost using the smartcard chip slot - if only the PQC POC would become usable reality.

2 Likes

Somewhere near the end of time, there’s going to be some thing that resembles a humanoid celebrating (of course translated from the used universal telepathic emotive wave-signal): “Finally I have unlocked the ancient treasure, and I shall know the secrets of the universe!” … only to find… [add your contents here, in your own mind] :wink:

3 Likes

I can’t wait to see if Purism can pull it off. Let’s hope

1 Like