18

How I can make sudo Ubuntu 10.04 session an hour and not few minutes?

Now I have to write my password for sudo commands every few minutes.

studiohack
  • 13,468
  • 19
  • 88
  • 118
Ben
  • 1,377
  • 7
  • 22
  • 40

4 Answers4

35

Disclaimer: This is not recommended for security reasons! One of the reasons why Linux is so safe are the user privileges.

You can edit the sudo settings file with the following command:

  sudo visudo

And then change the line

  Defaults      env_reset

to

  Defaults      env_reset,timestamp_timeout=x

x is in minutes by the way. A negative value for x such as -1 will cause sudo to ask for user password only once per session. 

  Defaults:user      timestamp_timeout=x

will apply the setting only to the named user.

One word of warning: Do not edit this file with another editor/command! visudo will perform sanity checks before actually saving the file, making sure that you did not break it. If you lock yourself out of your system, reboot into single-user/recovery mode and run visudo there.

Bobby
  • 8,944
  • 3
  • 37
  • 45
10

Instead of making the sudo session longer, you could actually log in as root.

sudo su

Anything you do afterwards is done as root. You don't even have to enter sudo anymore.

You can log out any time you want.

exit
Georg Schölly
  • 1,248
  • 5
  • 18
  • 36
  • 2
    AFAIK, this is only working for the shell prompt window you currently use, not all applications on the X session you currently run. And this has an advantage. You can have your regular applications, shells and others, while keeping one shell (sudo su) with root privileges. – jfmessier Jun 07 '10 at 12:29
  • 1
    Much less safe than typing `sudo` before the few commands you want to run as root, with the convenience of not having to retype the password. See Bobby's much better answer below. – AlcubierreDrive Aug 02 '12 at 02:52
  • 6
    This doesn't answer the question, and is more dangerous. It short-circuits sudo's behavior of logging commands entered, and it completely removes the timeout (which is good security practice, the OP was just asking how to change the tradeoff). – Andrew Ferrier May 02 '13 at 18:03
3

You can use pamusb.

"pam_usb provides hardware authentication for Linux using ordinary USB Flash Drives "

W_Z
  • 31
  • 1
  • Not what he asked for, but maybe a could solution which isn't such a worst-case security scenario. – Bobby Jun 07 '10 at 10:45
  • The package name for install it is `libpamusb`. I used it for a while and it's perfect to reduce sudo annoyance but you have to take care to not leave usb plugged otherwise other scripts could attempt for sudo. I just use it for install sprints, some software init and nothing more, is not a good idea to use for always, sometimes the `sudo su` does a better job. – m3nda May 27 '17 at 18:22
0

I prefer "sudo -i" after logging in as user.

The -i (simulate initial login) option runs the shell specified in the passwd(5) entry of the target user as a login shell. This means that login-specific resource files such as .profile or .login will be read by the shell. If a command is specified, it is passed to the shell for execution. Otherwise, an interactive shell is executed. sudo attempts to change to that user's home directory before running the shell. It also initializes the environment, leaving DISPLAY and TERM unchanged, setting HOME, SHELL, USER, LOGNAME, and PATH, as well as the contents of /etc/environment on Linux and AIX systems. All other environment variables are removed.

harp
  • 221
  • 4
  • 10