ssh not available when lightdm disabled until after local login

We would like to run our TX-1 as an embedded device without lightdm. To turn off lightdm I used systemctl disable lightdm.service which works great - the system boots to a linux prompt. With a local keyboard and display I can login. The problem is that we cannot ssh in unless we first login on the local keyboard. I’ve started investigating the systemd startup process but would appreciate any pointers if someone has already been through this. When looking at dmesg the DHCP Req/Ack cycle appears to happen only after local login.

I’ve never resolved this myself, but have been annoyed by the Ubuntu paradigm of networking depending on GUI login (this is a combination “Ubuntu thing” and “NetworkManager thing”). I have in the past manually gone in and run network commands via serial console to bring up networking prior to login, and in theory you could put those commands in rc.local to run at each startup (such as running “sudo dhclient” to get DHCP started…sudo not being needed in rc.local since it is already suid root); the actual configuration files for networking probably do have their own method of doing this in a less messy way, but I’ve never investigated to find out exactly what that is (you can create your own systemd services and add them to a systemd target, or else make existing services a requirement of a target which was not previously demanding that service).

One issue is that many Linux distributions are currently shifting their init style from the old RC scripts to systemd files, ending up as a hybrid of both. There is also some interference by NetworkManager trying to automate certain things related to temporary networks (meaning WiFi which could be up or down at any moment) which really annoy me. Traditional init file settings for networking and NetworkManager files may cause one form or the other to be ignored (this is the “hybrid” part of mixing both old style config files, old style RC init files, and NetworkManager config).

I’d suggest finding out what the minimal steps are to manually get networking via serial console, and then attempting to either put that in the default runlevel systemd target as a service requirement, followed by trying to do the same thing via rc.local, and finally falling back to figuring out how to get NetworkManager to do this at an earlier boot stage. Incidentally, finding a systemd service and making it a requirement of a systemd target may indirectly work through NetworkManager…then you wouldn’t have to actually figure out NetworkManager.

It might be useful to know while experimenting that the following is the basic way to manually work with systemd services:

sudo systemctl start <whatever.service>
sudo systemctl status <whatever.service>
sudo systemctl stop <whatever.service>
sudo systemctl restart <whatever.service>

The root cause of this issue is the handling of WiFi connections in Ubuntu. By default, when a connection is added using NetworkManager it is marked private to the user that initiated that WiFi connection and no other users on the system are allowed to use it. That’s why it does not connect pre-logon. To allow automatic connection to an SSID for all users:

sudo nmcli c modify <ssid> connection.permissions ""

Unfortunately this requires issuing that command each time a new SSID is added. Note that wired connections do not have this permission issue and are connected automatically by default.

There is another approach that is HIGHLY INSECURE, but may be acceptable on embedded devices that do not expose a local keyboard or display. This is a brute force hack to workaround the problem by automatically logging in on the console. It has the “benefit” that a development engineer that can open the box and plug in HDMI and Keyboard can directly access the linux shell (or a custom shell with the right agetty option).

# Configure systemd to use instead of
# There is probably an official way to do this, but the brute force approach is:

sudo ln -s /lib/systemd/system/ /lib/systemd/system/

# Configure agetty to login automatically on the virtual console
# by editing /lib/systemd/system/getty@.service "Execstart" line as follows

ExecStart=-/sbin/agetty --autologin=ubuntu --noclear %I $TERM