How to Make sudo Remember the Password for Longer

It can be annoying having to keep entering the sudo password. Here's how you can deal with it.

How to Make sudo Remember the Password for Longer

Here’s how to make sudo remember your password for longer so that you don’t have to keep typing it over and over.

Probably you execute quite a lot of sudo commands, because you don’t want to sudo su and execute commands as root all the time.

You noticed that if you execute one and then another one within few minutes, the 2nd time you don’t get the message like: [sudo] password for your_username. However, you do get it when there is more time between the execution of the two commands.

How Can I Make sudo Last Longer?

The behavior of sudo is configured in /etc/sudoers file and by default timeout of the sudo command is 15 minutes.

The /etc/sudoers file has a timestamp_timeout option responsible for reprompting the user for password after specific amount of time. The good news is that you can increase this number to a larger one (in minutes) by adding a string in the /etc/sudoers file. After that time sudo will ask for password again.

In fact, sudo doesn’t remember your password, but when you first authorize it, a session is created which lasts for timestamp_timeout. It stores timestamp under the /var/run/sudo/ts/ directory.

It’s important to make sure you edit your sudoers file using visudo, which checks your syntax and which will not leave you with wrong configuration and inaccessible sudo. In other words, running sudo visudo instead of editing the file directly causes the system to validate the /etc/sudoers file before it commits the changes.

To make the sudo command last longer, run the following command in Terminal:

sudo visudo

Find the lines starting with Defaults and add Defaults timestamp_timeout=x where x is the amount of minutes you want between reprompts. In our case, we set this value to 60.

Make sudo Remember the Password for Longer

That’s it. Save the file and exit. Now the sudo password prompt will time out after an hour (60 minutes) once sudo is invoked by a user.

In addition, if you specify 0, you will always be asked for the password. Keep in mind that if you specify a negative value, for example, -1, the timeout will never expire. Of course, specifying a negative value is not recommended and needs to be treated as a bad security practice.

Find out more about various options in sudoers in its command line manual page.

If you have any questions or feedback, feel free to leave a comment.

Leave a Reply

Your email address will not be published.

Latest from Linux Knowledge