You know in Linux we usually use
sudo in command to do a job with super user or another user privilege. It requires password authentication. And, terminal or console will remember the password for a period of time. So, user does not need to type it again within the time period.
The documentation says it remembers password for 5 minutes. But, it varies in recent Linux distributions. In my Ubuntu 20.04/21.10 and Debian 11, it won’t ask for password again even after 20 minutes. Though, it will ask immediately if you run
sudo command in another terminal window.
Configure How long it remembers sudo password:
For either security reason or convenience, user may change the time interval via following steps. Which is controlled via /etc/sudoers file.
NOTE: The steps below is only for sudo password in terminal or command console. Authentication when using Ubuntu Software (Gnome Software) and other graphical tools are NOT affected.
1. Open the config file:
There’s a specific command to edit the file. Firstly, either press Ctrl+Alt+T on keyboard (for Ubuntu only) or search for and open terminal from start menu. Then, run command:
In Ubuntu/Debian, this command will open the config file via nano text editor in terminal.
To do the trick, find out the line Defaults env_reset and add 2 key values separated via comma:
timestamp_timeout controls how long it remembers the password in MINUTES. For example, set 30 to remember for 30 minutes, 0 to always ask for password, or -1 to never ask password until reboot.
timestamp_type specifies the type. The value can be:
- global – remember password for all terminal / command console for a user’s login sessions. Which means, you type password and it won’t ask again in all terminals for this user during the time interval.
- tty – Won’t ask for commands run in same terminal during the time interval.
- kernel – Store time stamp in kernel and support time period from 0 to 60. Only for OpenBSD.
- ppid – Won’t ask password for commands running from the same shell during the time interval.
So the line could be finally Defaults env_reset,timestamp_timeout=2,timestamp_type=tty. You may though change the values accordingly.
3. Save changes:
After editing the file, press Ctrl+X on keyboard, type y and hit Enter to save it.
For Fedora, it uses the
vim text editor to edit the file. So, user need to press ‘i‘ on keyboard to start inserting characters, then use ‘Esc‘ to stop editing. And, save changes by typing ‘:wq‘ one by one (or type ‘:q!‘ to quit without saving).
Disable Sudo Password:
It’s NOT RECOMMENDED to disable password authentication when running sudo password. Use
sudo -i to switch to root user is good choice!
If you really want to do this, edit the config file via
sudo visudo and add the new line in the end:
USERNAME ALL=(ALL) NOPASSWD: ALL
Here, replace USERNAME that you want to disable sudo authentication. Run
$USER in terminal will output the current user name.
That’s all. Enjoy!