How do I sudo without having to enter my password?

Question

I'm trying to setup sudo without no password but still I get prompted for password, I'm using ubuntu, here is the relevant line from the sudoers configuration file :

gandalf ALL=(ALL:ALL) NOPASSWD: ALL

cough Allowing a user to sudo without a password cough. UNSECURE! You should not do this. — Thomas Ward, Jul 26 '12 at 16:01
You can do this, but it breaks the security model. Are you absolutely sure you want to do this? — Paddy Landau, Jul 26 '12 at 16:26
I can understand wanting to do this on a computer, say at home in a secure situation. Security forces a "good" password, which usually means long and harder to type. Trouble is, we have to type it in VERY regularly and it gets to be tiresome. I am not advocating against security, but, especially in the home situation, it may well be desirable to do this. — Jazz, Jul 26 '12 at 22:44
To say this "breaks the security model" is rather extreme. sudo is designed to facilitate passwordless operation easily and even has ready-to-go commented configuration lines in /etc/sudoers to allow a whole group of users to run any command as root without being prompted for a password. There are some adverse security implications of doing this--any program can perform actions as root without you being notified!--but an actual attacker, with the ability to run programs as (non-root) you, can already capture your password as you enter it for sudo (and then run sudo with it). — Eliah Kagan, Jul 27 '12 at 17:43
I was wanting to do this just for my ansible ci/cd user.. so that my management scripts can run unattended as part of my CI/CD process. I wouldn't say that's inherently insecure as it's for one user and only via ssh with a private/public key pair. — Tracker1, Jul 10 '14 at 21:16
What is most secure, password or keyfile. Ok, so if your computer is setup with no root login, and the user has a keyfile and an absurdly complicated password, why should it be a problem to let this authorized user su to root without entering a password? As others already pointed out it actually just leaves another attack vector for potential hackers. — Dokbua, Jul 09 '17 at 11:46

score 57 · Answer 1 · edited Aug 01 '13 at 21:28

57

I believe the correct line is:

gandalf ALL=(ALL) NOPASSWD: ALL

Put it in the end of the file - replace gandalf with the appropriate username. (To edit the file, run the command sudo visudo.)

edited Aug 01 '13 at 21:28

Eliah Kagan

117,780

answered Jul 26 '12 at 15:29

LnxSlck

12,256

4

Thanks, putting it at the end of the file fixed it for me – trinth Dec 19 '13 at 17:26
1

Not working for me in ubuntu 16.04 – Praytic Jul 03 '16 at 14:43
You have to log out and in again @Praytic – LnxSlck Jul 07 '16 at 22:05
1

Still nothing. Strange, because in 14.04 I had no problems with this approach. – Praytic Jul 10 '16 at 10:44

StarNamer · Answer 2 · 2012-07-27T17:22:11.340

16

I use the sudo group and have:

%sudo ALL=NOPASSWD: ALL

edited Jul 27 '12 at 17:22

answered Jul 26 '12 at 20:55

StarNamer

2,847

score 10 · Answer 3 · answered May 15 '14 at 17:42

10

There is one note to mention. That line should be at end of the /etc/sudoers file.

Why: because some configuration lines from /etc/sudoers overwrite our line.

gandalf ALL=(ALL:ALL) NOPASSWD: ALL

answered May 15 '14 at 17:42

Vitalie Ghelbert

1
3
9

How do I sudo without having to enter my password?

3 Answers3

Linked