[SOLVED] Why does "sudo" ask you for the same password again?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Why does "sudo" ask you for the same password again?
A long time ago when I worked in a Unix shop the system administrator would use "su root", give the root password which only he knew, and then did work.
On linux now you use "sudo". I tried it with the wrong password, but it makes no sense to me to ask for your user password a second time in a shell and give that person root access.
Can anyone tell me the rational behind "sudo"?
Last edited by stonehinge03; 01-29-2010 at 03:23 PM.
someone else wanders along 30 minutes later and see's your logged in.
they run "sudo rm -rf /" and laugh maniacally.
OR you could ask for the password within a few minutes of running sudo commands to significantly increase the security of the system.
You CAN disable the password with the NOPASSWD option, but unless it's an irrelevant machine with no significant access by anyone else then it's a bad idea.
sudo is simply a tool that you can choose to use, or not use, depending on your needs.
My system doesn't let you use "su root" so I have to use it and it just baffles me. What is the use in asking for the same password of a user twice to give increased access? Shouldn't sudo logically ask for the root password, not the user password a second time?
My system doesn't let you use "su root" so I have to use it and it just baffles me. What is the use in asking for the same password of a user twice to give increased access? Shouldn't sudo logically ask for the root password, not the user password a second time?
Which distribution are you using? I'm sure you can enable su and disable sudo if you prefer.
sudo is typically used in situations where the root account is disabled. If there is no root password, then a hacker cannot guess the password--they need to guess your username as well.
Sudo is not just on Linux and it's not new. It's on most (all ?) unixes and it's been around for probably just as long as su.
(Aren't they part of they same tool ?)
Using sudo prevents users from logging in as root via su, forgetting to logout after doing what they need to do, and then accidently doing something harmful.
Plus having sudo prompt the user for their own password and not root's. Means the sysadmins don't have to pass out root's password and hope it doesn't get into the wrong hands.
Although that could be meaningless if the user is granted permissions to run ANY command via sudo and then that user's own password gets into the wrong hands
My system doesn't let you use "su root" so I have to use it and it just baffles me. What is the use in asking for the same password of a user twice to give increased access? Shouldn't sudo logically ask for the root password, not the user password a second time?
See acid_kewpie's response. It may seem wrong if the only Linux system you use is the one at home. But, it makes perfect sense in a business environment. "sudo" is primarily to give access to subsets of the root function to trusted users or other admins. You wouldn't want to hand out the root password to users who are only allowed to do backups or mount drives or some other limited root-type function.
Using the root password with sudo defeats the purpose of sudo. If you know the root password, you don't need sudo. Just log in as root.
The time out function is there for added security, as already pointed out. Sudo allows administrator to limit the privileges of any particular user who is using sudo.
Which distribution are you using? I'm sure you can enable su and disable sudo if you prefer.
sudo is typically used in situations where the root account is disabled. If there is no root password, then a hacker cannot guess the password--they need to guess your username as well.
Ubuntu is a bit different from most Linuxes in its use of root (it doesn't use a separate root account, although you can 'hack' it so that it does, most everything else does have an explicit root account).
Some people violently disagree with the way Ubuntu does things, and for them, they should use something else (choice!). For everyone else, it is just a variant, but, if you don't make clear that your question applies to Ubuntu or an Ubuntu derivative, you'll probably get some confusing
and/or wrong answers.
Ubuntu is a bit different from most Linuxes in its use of root (it doesn't use a separate root account, although you can 'hack' it so that it does, most everything else does have an explicit root account).
i dont remember but i think fedora asks for the root passwd on a sudo.
now that i am playing with xbmc (debian based), when i do a sudo it asks for the user's passwd. it took me an hour to figure out what was wrong with the root passwd.
Ha! So there is a distro that does the logical thing. I had to add a user to the "admin" group and that made that user and their password the de facto root account.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.