{"id":535,"date":"2025-05-20T17:27:35","date_gmt":"2025-05-21T01:27:35","guid":{"rendered":"https:\/\/nramkumar.org\/tech\/?p=535"},"modified":"2025-05-20T17:27:35","modified_gmt":"2025-05-21T01:27:35","slug":"minimizing-password-re-entry-across-terminal-sessions-for-sudo","status":"publish","type":"post","link":"https:\/\/nramkumar.org\/tech\/blog\/2025\/05\/20\/minimizing-password-re-entry-across-terminal-sessions-for-sudo\/","title":{"rendered":"Minimizing password re-entry across terminal sessions for sudo"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Warning: This is not something you should do in environments that care about security a lot &#8211; the default settings that do not allow this behavior is more secure and you should stick with that in such cases.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In my home network, one annoyance is executing a command as root using sudo (my setup is password less login as a regular user and use sudo for anything that requires root permissions) on a remote machine only to realize having to do something else quickly again &#8211; in a SSH or context with a terminal associated session, sudo has a default of not asking for the password again within 5 minutes (also configurable). But if you closed the ssh session or you are executing through automation where each invocation is a new terminal, this 5 minute no password doesn&#8217;t apply by default &#8211; instead you will be prompted for the password again immediately.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Turns out this behavior is also configurable &#8211; you can add a \/etc\/sudoers.d\/user-sudo file with the following: <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Defaults:&lt;username> !tty_tickets<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">This allows the timeout to be applied across terminal sessions for the user.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Warning: This is not something you should do in environments that care about security a lot &#8211; the default settings that do not allow this behavior is more secure and you should stick with that in such cases. In my home network, one annoyance is executing a command as root using sudo (my setup is&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-535","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/nramkumar.org\/tech\/wp-json\/wp\/v2\/posts\/535","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nramkumar.org\/tech\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nramkumar.org\/tech\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nramkumar.org\/tech\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nramkumar.org\/tech\/wp-json\/wp\/v2\/comments?post=535"}],"version-history":[{"count":1,"href":"https:\/\/nramkumar.org\/tech\/wp-json\/wp\/v2\/posts\/535\/revisions"}],"predecessor-version":[{"id":536,"href":"https:\/\/nramkumar.org\/tech\/wp-json\/wp\/v2\/posts\/535\/revisions\/536"}],"wp:attachment":[{"href":"https:\/\/nramkumar.org\/tech\/wp-json\/wp\/v2\/media?parent=535"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nramkumar.org\/tech\/wp-json\/wp\/v2\/categories?post=535"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nramkumar.org\/tech\/wp-json\/wp\/v2\/tags?post=535"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}