On Tuesday, December 3, 2019 6:57:37 PM MST Kevin Kofler wrote:
This depends (even in the absence of disk encryption) on where you
have told
plasma-nm to store your WPA (or 802.11x etc.) credentials (unless you are
using an entirely open network). (The credential storage strategy is
configurable in plasma-nm.)
Of course, that would be for wireless systems, or systems with 802.1X not
using host certificates.
For my own setup, this is not an issue, because I use FreeIPA provisioning
certificates for WPA2 EAP-TLS for wireless and 802.1X EAP-TLS for wired
clients. I can definitely see how that would apply to most wireless users
though. I definitely overlooked ssh'ing into systems that are primarily
wireless.
--
John M. Harris, Jr.
Splentity