6 Sudo Tricks Every Linux User Needs To Know - Plus 1 Just For Fun

Trending 8 hours ago
  1. Home
  2. Tech
  3. 6 Sudo Tricks Every Linux User Needs To Know - Plus 1 Just For Fun
aaakeyboard5gettyimages-2156376925
MoleQL/iStock/Getty Images Plus via Getty Images

Follow ZDNET: Add america arsenic a preferred source connected Google.

ZDNET's cardinal takeaways

  • Sudo is simply a powerful but imperfect Linux tool.
  • These tips tin thief make utilizing sudo easier and safer.
  • Always usage be aware erstwhile monkeying pinch sudo.

I started utilizing Linux anterior to nan advent of sudo. Back then, immoderate clip I needed to tally admin tasks, I had to first su to nan guidelines user, tally nan task, and past exit nan guidelines user. Because guidelines was enabled, immoderate users would simply log successful arsenic guidelines and forgo a modular personification relationship altogether. That's a information consequence nary 1 should take.

And past came the sudo command. 

Also: 7 astir Windows-like Linux distros - if you're fresh to ditch Microsoft

Sudo is simply a instrumentality that temporarily elevates modular users to admin privileges truthful they tin tally commands for illustration apt-get upgrade without having to invoke nan guidelines user. In fact, sudo makes it imaginable to disable nan guidelines account, which is bully for security.

But sudo isn't perfect. Here are 5 ways to amended sudo and make your Linux life a spot easier.

1. Use visudo for editing nan sudo configuration file

Sudo has a configuration file, which is /etc/sudoers. This is wherever you tin configure sudo for things for illustration constricted access, personification aliases group access, and more. The point is, you don't want to edit nan sudoers record utilizing a modular matter editor (such arsenic nano). The logic for this is that if you fubar nan sudoers file, you could upwind up incapable to tally immoderate elevated task (such arsenic editing nan sudoers record to hole nan problem). To debar this, usage visudo (sudo visudo). The visudo instrumentality ever verifies immoderate changes you've made. If location are immoderate issues, visudo will fto you cognize and forestall you from redeeming nan malformed file.

2. Prevent unlimited entree to users

You astir apt don't want each of your users to person entree to each admin command. For example, you mightiness want to forestall users from removing admin-protected files (such arsenic those successful /etc), to sphere nan stableness of your strategy (i.e, support users from breaking it). To do that, you configure users aliases groups successful nan sudoers record pinch nan ! character. For example, if you want to artifact a circumstantial personification from moving nan rm command, you would adhd a statement for illustration this:

USERNAME ALL=(ALL) !/usr/bin/rm

Where USERNAME is nan sanction of nan user.

Also: Want to study Linux? These 5 games make it nosy - and they're free

This tin besides beryllium utilized for groups.

3. Grant sudo entree to groups alternatively of users

Speaking of groups, it's ever easier to negociate privilege and entree pinch groups alternatively of a agelong database of users. Consider this: You person 5 family members who entree 1 Linux machine, and you want to artifact them each from utilizing nan rm command. You could create nan group norm (for nary rm), adhd each 5 users to that group, and past assistance entree to that group successful nan aforesaid measurement you did supra (only utilizing nan group sanction alternatively of nan username).

4. Do not assistance each guidelines privileges

Most users don't recognize that it could beryllium a information rumor to assistance each users each guidelines privileges. What happens if a ne'er-do-well gains entree to a personification relationship connected your system? If that intruder knows nan user's password, they tin tally immoderate bid that requires sudo access. Granting each guidelines privileges to a personification looks for illustration this successful nan sudoers file:

USERNAME    ALL=(ALL:ALL) ALL

Where USERNAME is nan sanction of nan personification successful question.

Also: New to Linux? 5 desktop environments I urge you effort first - and why

Instead, assistance entree to circumstantial directories that aren't /sbin, which incorporate galore of nan executable binaries for admin tasks. Instead, you mightiness want to limit that personification to /usr/sbin/, /usr/bin, and /opt/ for illustration so:

USER ALL=(ALL) PASSWD: /usr/sbin/, /usr/bin/, /opt/

Do statement nan trailing "/" for each directory, which is necessary.

5. Enable asterisks erstwhile typing sudo passwords

This 1 falls into nan "make sudo easier" category. Sometimes, erstwhile I type my personification password, I don't cognize if I sewage it right. If I cognize really galore characters I typed, astatine slightest I tin make an knowledgeable conjecture arsenic to whether aliases not I've typed nan correct number of characters. At nan aforesaid time, I mightiness deed a cardinal connected my keyboard successful specified a measurement that it doesn't register. If I alteration asterisks erstwhile typing, I cognize that nan cardinal is registered. 

To alteration asterisks erstwhile typing sudo passwords, unfastened nan sudo config record (sudo visudo) and alteration nan pursuing line:

Defaults env_reset

To:

Defaults env_reset, pwfeedback

Now, erstwhile you type your sudo password, you'll spot an asterisk look for each typed character.

6. Increase nan password timeout

When you type your sudo password, you won't person to type it again for a group play of time. Each distribution mightiness person a different thought of what that timeout should be, but you mightiness not deliberation it's agelong enough. If you're nan only 1 who uses your Linux machine, and you often tally admin commands, you mightiness want to widen that timeout to, say, 30 minutes. To do that, tally nan sudo visudo bid and spell backmost to nan Defaults env_reset line. Change that statement truthful it looks like:

Defaults env_reset, timestamp_timeout=XX

Where XX is nan clip successful minutes. For example, to alteration that clip retired to 30 minutes, nan statement would look for illustration this:

Defaults env_reset, timestamp_timeout=30

7. Enable insults for incorrect password attempts 

This 1 is conscionable for fun. If you incorrectly type your sudo password, you tin alteration it specified that it will reproach you erstwhile you do. The insults are each successful bully fun, truthful you don't person to interest that sudo is going to cognize what buttons to push to make you spiral. To adhd this feature, spell backmost to nan sudoers record and nan Defaults like. Change that statement to look for illustration this:

Defaults env_reset, insults

Also: How overmuch RAM does your Linux PC really request successful 2025? I did nan math

If you've decided to adhd nan different features, that statement mightiness look for illustration this:

Defaults        env_reset,pwfeedback, timestamp_timeout=30, insults

Now, sudo will person a spot of nosy pinch you.

More

Related Article

I Swapped My Favorite Linux Desktop For System76's Cosmic Alpha - And I Have Zero Regrets

I Swapped My Favorite Linux Desktop For System76's Cosmic Alpha - And I Have Zero Regrets

15 minutes ago 3
Reddit Launches Tools For Publisher To Track And Share Stories

Reddit Launches Tools For Publisher To Track And Share Stories

15 minutes ago 3
New Subscribers Can Get Three Free Months Of The Apple Music Family Plan

New Subscribers Can Get Three Free Months Of The Apple Music Family Plan

20 minutes ago 3

Popular Article

The Best Wireless Headphones For 2025: Bluetooth Options For Every Budget

The Best Wireless Headphones For 2025: Bluetooth Options For Every Budget

1 month ago 413
New Travel Turmoil As American Airlines, United, Jetblue, And Avelo Slashing Flights And Routes – What You Need To Know

New Travel Turmoil As American Airlines, United, Jetblue, And Avelo Slashing Flights And Routes – What You Need To Know

1 month ago 257
American, Delta, Southwest And Alaska Connecting Chicago, Philadelphia, Raleigh-durham, San Diego, Santa Maria, Sun Valley With New Winter Airline Routes, Ballooning Us Travel Industry

American, Delta, Southwest And Alaska Connecting Chicago, Philadelphia, Raleigh-durham, San Diego, Santa Maria, Sun Valley With New Winter Airline Rou...

1 month ago 226
Thousands Of Air Canada Flights At Risk As Potential Strike Threat Set To Disrupt Global Travel

Thousands Of Air Canada Flights At Risk As Potential Strike Threat Set To Disrupt Global Travel

1 month ago 211
Google Is Experimenting With Machine-learning Powered Age Estimation Tech In The U.s.

Google Is Experimenting With Machine-learning Powered Age Estimation Tech In The U.s.

1 month ago 204
English (US) English (US) · Indonesian (ID) Indonesian (ID) ·
About Us · Contact Us · Terms & Conditions ·

©2025 Vokash.
All Rights Reserved.