Linux sudo user without password

Execute sudo without Password?

Inspired by this question. I am the sole person using my system with 12.04.
Every time I issue a sudo command; the system asks for the user password (which is good in its own way).
However I was thinking; without activating the root account; how can I execute the sudo commands which will not ask for user password to authenticate. NOTE: I want to execute sudo command without authenticating via password; only when they are executed via terminal.
I don’t want to remove this extra layer of security from other functions such a while using ‘Ubuntu software center’ or executing a bash script by drag-drop something.sh file to the terminal.

so you only want to be asked for the password in the terminal and for other things not, or the other way arround?! in both ways, I think its a high security breach

I want that system may not ask password only when in the terminal. for any other purpose the system must ask a password. This requirement is only temporary, and to be used while configuring n installing new servers.. during fresh server installations, it really take hours of configuring with sudo commands.. issuing password every 15 min. is headache. I don’t want to use root account.

For sure you can prolong the timeout. Also, if you’re frequently doing fresh server setups you should think about automating the process. You are not paid to type, you are paid to solve problems and to get sh*t done.

12 Answers 12

You can configure sudo to never ask for your password.

Open a Terminal window and type:

In the bottom of the file, add the following line:

Where $USER is your username on your system. Save and close the sudoers file (if you haven’t changed your default terminal editor (you’ll know if you have), press Ctl + x to exit nano and it’ll prompt you to save).

As of Ubuntu 19.04, the file should now look something like

# # This file MUST be edited with the 'visudo' command as root. # # Please consider adding local content in /etc/sudoers.d/ instead of # directly modifying this file. # # See the man page for details on how to write a sudoers file. # Defaults env_reset Defaults mail_badpass Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin" # Host alias specification # User alias specification # Cmnd alias specification # User privilege specification root ALL=(ALL:ALL) ALL # Members of the admin group may gain root privileges %admin ALL=(ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL # See sudoers(5) for more information on "#include" directives: #includedir /etc/sudoers.d YOUR_USERNAME_HERE ALL=(ALL) NOPASSWD: ALL 

After this you can type sudo in a Terminal window without being prompted for the password.

This only applies, to using the sudo command in the terminal. You’ll still be prompted for your password if you (for example) try to install a package from the software center

Источник

Команда sudo без пароля Linux

Утилита sudo — позволяет выполнять команды с правами суперпользователя обычному пользователю. Для защиты программа каждый раз спрашивает пароль. Это вполне оправданно, так как с помощью пароля система может проверить, что это действительно пользователь, а не программа, которая просто хочет что-то нашкодить в системе, а также убедится что это именно тот пользователь за которого он себя выдает.

Но пароль можно отключить. Я не рекомендую этого делать, но способ есть и в этой статье мы рассмотрим как пользоваться sudo без пароля в Ubuntu.

Команда sudo без пароля в Linux

Чтобы отключить пароль sudo, надо добавить к строчке настройки пользователя или группы директиву NOPASSWD. Синтаксис такой:

имя_пользователя ALL=(ALL) NOPASSWD: ALL

Для того чтобы отключить пароль sudo для определенного пользователя нужно открыть файл конфигурации sudo и отключить запрос пароля следующей строчкой, например для пользователя losst:

losst ALL=(ALL) NOPASSWD: ALL

Сохраните изменения и закройте файл, на всякий случай напомню что в vi для перехода в режим вставки используется клавиша i, для сохранения команда :w и команда :q для выхода. Теперь sudo не будет запрашивать пароль у выбранного пользователя при выполнении любых команд.

Для того чтобы разрешить пользователю выполнять только некоторые команды без пароля (например apt и reboot) добавьте следующую строчку:

losst ALL=(ALL) NOPASSWD: /usr/bin/apt, /sbin/reboot

Чтобы отключить пароль для группы пользователей используйте следующий код:

%имя_группы ALL=(ALL) NOPASSWD: ALL

Теперь у пользователей группы имя_группы утилита sudo не будет спрашивать пароль, а у всех остальных будет. Чтобы более детально ознакомится с возможностями sudo смотрите статью про настройку sudo в Linux.

Обнаружили ошибку в тексте? Сообщите мне об этом. Выделите текст с ошибкой и нажмите Ctrl+Enter.

Источник

How to Run ‘sudo’ Command Without Entering a Password in Linux

In case you are running Linux on a machine that you normally use alone, say on a laptop, entering a password each time you invoke sudo can become so boring in the long run. Therefore, in this guide, we will describe how to configure the sudo command to run without entering a password.

This setting is done in the /etc/sudoers file, which drives sudoers to use the default security policy plugin for the sudo command; under the user privilege specification section.

Important: In the sudeors file, the authenticate parameter which is turned on by default is used for authentication purposes. If it is set, users must authenticate themselves via a password (or other means of authentication) before they run commands with sudo.

However, this default value may be overridden using the NOPASSWD (require no password when the user invokes sudo command) tag.

The syntax to configure user privileges is as follows:

user_list host_list=effective_user_list tag_list command_list

1. user_list – list of users or a user alias that has already been set.
2. host_list – list of hosts or a host alias on which users can run sudo.
3. effective_user_list – list of users they must be running as or a run as alias.
4. tag_list – list of tags such as NOPASSWD.
5. command_list – list of commands or a command alias to be run by user(s) using sudo.

To allow a user ( aaronkilik in the example below) to run all commands using sudo without a password, open the sudoers file:

And add the following line:

aaronkilik ALL=(ALL) NOPASSWD: ALL

For the case of a group, use the % character before the group name as follows; this means that all members of the sys group will run all commands using sudo without a password.

To permit a user to run a given command ( /bin/kill ) using sudo without a password, add the following line:

aaronkilik ALL=(ALL) NOPASSWD: /bin/kill

The line below will enable members of the sys group to run the commands: /bin/kill, /bin/rm using sudo without a password:

%sys ALL=(ALL) NOPASSWD: /bin/kill, /bin/rm

For more sudo configuration and additional usage options, read our articles that describe more examples:

In this article, we described how to configure the sudo command to run without entering a password. Do not forget to offer us your thoughts about this guide or other useful sudeors configurations for Linux system administrators in the comments.

Источник

How to Run sudo Commands Without Password

Learn how to run some or all sudo commands without entering the password on Ubuntu or any other Linux distribution.

Learn how to run some or all sudo commands without entering the password on Ubuntu or any other Linux distribution.

Most Linux distributions like Ubuntu, Debian, Fedora use the sudo mechanism to allow admin users to run commands with root privileges.

When you run a command with sudo, it asks for your account’s password. The default timeout for the password is 15 minutes (in Ubuntu Linux). Which means that you’ll have to enter the password again if you run a command with sudo after fifteen minutes.

Some users may find it cumbersome to enter the password all the time. This is specially if you are the only user on the system or if you think some commands are okay to run without password.

In Linux, you can change sudo configuration to run some or all command with sudo but without entering password.

If you are on a server, you should be extra careful specially if you have SSH enabled. Maybe, you should disable SSH access with password first.

Let’s see how to use sudo with no password.

But first, back up the sudoer file as a precautionary measure:

sudo cp /etc/sudoers ~/sudoers.bak

Execute all sudo commands without password [not recommended]

Use the following command to edit the /etc/sudoers file:

This will open the default text editor (Nano in Ubuntu) for editing this file. All you have to do is to add a line like this in this file:

user_name ALL=(ALL) NOPASSWD:ALL

Of course, you have to replace the user_name in the above command with your user name.

Exit the shell and enter again and you should see the changes reflected.

Why use visudo for editing sudoer file?

Now, you may edit /etc/sudoers file manually in a text editor like Vim, however, that is not advised.

If you make a syntax error while editing this file, the consequences can be fatal. This is why you a dedicated tool called visudo is used for editing sudo configuration file.

The visudo tool creates a new temp file where you can edit the sudoer file using the default text editor. When you try to save your changes, it performs a check and notifies if there is any syntax error.

>>> /etc/sudoers: syntax error near line 3 

user_name ALL=(ALL) NOPASSWD:/usr/bin/apt update, /usr/bin/apt upgrade