79.8 SUDO No Password

20211021

Cloud installations of Ubuntu generally create a default user during installation to have sudo access without a password. In fact this user generally does not even have a password. This is convenient for the system administrator and is considered a safe practice when access to the server is limited to using ssh public keys. The user with these privileges (i.e., the username created at installation time) will be named in the file /etc/sudoers.d/90-cloud-init-users:

# Created by cloud-init v. 20.1-10-g71782edf-0ubuntu5 on Mon, 17 Aug 2020 04:58:35 +0000

# User rules for kayon
kayon ALL=(ALL) NOPASSWD:ALL

To grant another user, fred let’s say, password-less access to sudo, use visudo to add a rule to the end of the sudoers file. Be sure the entry is at the end rather then under the User alias specification section (the NOPASSWD directive does not hold if specified there).

$ sudo visudo

fred ALL=(ALL) NOPASSWD:ALL

To allow everyone who has been given sudo access NOPASSWD privileges, change the current %sudo line to add NOPASSWD: as in:

$ sudo adduser fred sudo
$ sudo visudo

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) NOPASSWD:ALL

Troubleshooting

20210823

Note that placing a user into the sudo group will override any permissions granted earlier on in the /etc/sudoers file. Thus placing the NOPASSWD directive for a single user in the User alias specification section of /etc/sudoers (which appears before the %sudo entry in that file) and adding them to the sudo group without having the %sudo entry with the NOPASSWD directive, will override the NOPASSWD directive for the user!



Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0