How To Run “sudo” Command Without Password with NOPASSWD?

Linux distributions like Ubuntu, Debian, Mint, Kali, CentOS, RHEL, SUSE, etc. provide the sudo command in order to execute and run a command with root privileges without logging as the root user. The sudo command is very popular for daily usage power users generally provided the ability to run sudo command. The sudo command configuration is located in the /etc/sudoers file. By default, the sudo command asks for the current user password to provide root privileges as a security measure. But for heavy usage provide or typing the password is not a practical method. The sudo command provides the ability to run without any password which is also called as nopasswd configuration.

/etc/sudoers Configuration File

The sudoers configuration file is used to set configuration about the sudo command. In order to make the the sudo command passwordless we should edit this file. The sudoers configuration file can be opened with a command line or GUI editor but the most secure way to prevent errors and lockdowns is using the visudo command like below.

$ sudo visudo

A default configuration line is like below. Simply this line provides the ability to run all commands for the root user.

root    ALL=(ALL:ALL) ALL

The users generally set for the sudo group in a Linux system in order to run the sudo command. This sudo group is configured with the following line in the sudoers file. Simply means the sudo group member can run all commands from all systems by providing password.

%sudo   ALL=(ALL:ALL) ALL

NOPASSWD Configuration For Passwordless sudo Command

The magic of the passwordless sudo command or running sudo command without typing a password comes with the NOPASSWD configuration. In the following line, we eliminate interactive password authentication for the sudo command and all users of the sudo group can run all commands without a password.

%sudo   ALL=(ALL:ALL) NOPASSWD: ALL

Disable Password For Specific User

We can also disable the sudo password for a specific user. We will just provide the username and change with the group name like below. In the following example, we will set the user ismail to run the sudo command without asking a password.

ismail   ALL=(ALL:ALL) NOPASSWD: ALL

Disable Password For A Group

Even we have set the sudo group for passwordless sudo command let’s make a different example by setting the sys group for passwordless sudo command.

%sys ALL=(ALL:ALL) NOPASSWD: ALL

Disable Password For Specific Command

Another use case for the NOPASSWD configuration is disabling the sudo password for a specific command. By default, the NOPASSWD will disable the password for all commands with the sudo. But we can set a specific command to run with sudo without a password. All other commands with sudo will require a password too. In the following example, the user ismail can run /bin/passwd commands with sudo without a password.

ismail   ALL=(ALL:ALL) NOPASSWD: /bin/passwd

Multiple commands can be also specified for passwordless sudo usage like below.

ismail   ALL=(ALL:ALL) NOPASSWD: /bin/passwd, /bin/rm, /bin/mkdir
READ  Linux cd Command Tutorial with Examples

Leave a Comment