Direct use of a root account is not advisable, so we create a sudo user who performs all the administrative tasks on behalf of root users.
And you know, whenever we run a command with sudo, it asks for a password, which is okay, but asking for a password for a similar command repeatedly doesn’t make sense to me.
I’m looking for something that suppresses the password for a particular command or all users, maybe a group too.
Okay, your search ends here. We will cover all these points in the following article.
Table of Contents
Configure sudo as passwordless
A sudo utility has a configuration file that is located in /etc/sudoers, and it is wholly responsible for maintaining sudo records.
To modify /etc/sudoers you can use any command-line editor or GUI text editor, but I advise you to use “visudo”, which is specifically used to modify the sudoers file.
Did you know about Micro: Modern and Intuitive Terminal-Based Text Editor?
Moreover, it has the capability to notify you of your mistake while saving a file, and it will ask you to correct it before exiting.
To modify /etc/sudoers, run the below command with sudo privileges and follow the subsequent method as per your requirement:
$ sudo visudo
Configure all user as passwordless sudo
What should I do when I want to make every user sudo and they do not need to enter a password? Then pass the below line into /etc/sudoers.
ALL ALL=(ALL) NOPASSWD: ALL
After that, save the file, and test the changes.
Configure specific user as passwordless sudo
The above method can cause serious issues for your system if naive users make any unintended changes, so to prevent this, you can specify a single user as a passwordless sudo, which is more convenient than the prior method.
USERNAME ALL=(ALL) NOPASSWD: ALL
ankit ALL=(ALL) NOPASSWD: ALL
Do copy-paste the above line into /etc/sudoers and replace the username with the actual username.
Configure specific group as passwordless sudo
I want to make particular groups that should allow to run sudo commands without having to type a password. Yes, you can do this too. Before that, make sure to get the right group name.
And replace GROUP-NAME with an actual group name.
%GROUP-NAME ALL=(ALL) ALL
All members of admin do not need to enter passwords after adding the below code.
%admin ALL=(ALL) ALL
Configure specific command as passwordless sudo
Instead of giving the user all rights, you can only allow a certain command that they can use without having to enter a sudo password.
USERNAME ALL=NOPASSWD: /COMMANDLOCATION
I’m allowing user Ankit to use the fdisk utility.
ankit ALL=NOPASSWD: /sbin/fdisk
Apart from that, he will not be allowed to use any other command, and even if he tries to run, he will get a gentle message “Sorry, user ankit is not allowed to execute ‘/usr/sbin/visudo’ as root on shen.“
That’s all to configure sudo as passwordless.
You have learned how to modify /etc/sudoers using visudo and made some modifications to suppress password authentication for sudo tasks.
A man with a tech effusive who has explored some of the amazing technology stuff and is exploring more. While moving towards, I had a chance to work on Android development, Linux, AWS, and DevOps with several open-source tools.