Alternatives to sudo's password prompt?

Lockszmith

2/9/24, 5:37 PM

I know sudo can be setup with NOPASSWD so that it will not ask for a password when executed.

This is more of a security for a person with ADHD/ADD rather than 'best security' - I understand the false sense of security compared to a full blown password prompt.

I do want to be prompted, but I'd like a more 'Windows' like approach of either:

Get a yes/no prompt for elevation.
Better yet, be prompted for a PIN/alternative secret - that is short.
Even better yet, approve action via a USB connected Yubico key.

Is there such a solution?

169

0 + 3

sudo

password

elevation

yubikey

steeldriver

2/9/24, 9:09 PM

This should be possible via /etc/pam.d/sudo using the libpam-u2f module - see [How to configure a U2F key(such as a YubiKey) for system wide 2-Factor Authentication?](https://askubuntu.com/questions/1071027/how-to-configure-a-u2f-keysuch-as-a-yubikey-for-system-wide-2-factor-authentic)

kanehekili

2/9/24, 10:16 PM

Would not recommend a change. Get used to it. That prevents trouble. That's why Linux doesn't need creepy antivirus software

Lockszmith

2/9/24, 10:28 PM

I've been used to it for the past 30 years, I'm looking for improving my workflow - and other's in the process.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Alternatives to sudo's password prompt?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.