Run Sudo Commands Without Password in Ubuntu

If you get annoyed with repeated password prompts with sudo, here's how you can use sudo commands without password.

The sudo command allows a normal user to run a command or perform activities as another user. Usually, when you use the sudo command, it will execute the given command as the root user.

When you periodically use the sudo command, getting a password prompt gets annoying. There are two ways you can disable the password prompt, but a password is still required only once.

You can either login as the root user for a while, or remove the password prompt entirely.

⚠️
Following either method will reduce the level of security of your Linux installation. Please consider your security threat model before going through with this.

Method 1: Temporarily log in as the root user

The first method is to log in as the root user. Since you are logged in as the root user, you can do anything without the necessity of a password.

This works well on the Ubuntu desktop where the root user is not set and any sudo user can switch to the root user. That may not be the case in Ubuntu server where a dedicated root account with a password is set already.

This method is slightly more secure than removing the password prompt altogether. That is because you are still initially asked for the password when you log in as the root user.

This is only a bit more secure and should be attempted with extreme caution.

To log in as the root user, simply use the -i option with the sudo command.

$ whoami
pratham

$ sudo -i
[sudo] password for pratham:

# whoami
root

# exit
logout

$ whoami
pratham

The shell prompt for a normal user (in bash) is the dollar symbol ($), and when you log in as root, your prompt will change to the hash symbol (#).

Once you are logged in as the  root user, you can run any command that needs higher privilege without having to use the sudo command at all.

When your tasks are complete, you can exit out of the root user's shell by either pressing the Ctrl + D key combination or by typing the exit command.

Method 2: Edit the sudoers file

The sudoers file is a configuration file for the sudo command. This file should be edited only by the use of the visudo command.

The visudo command will copy the /etc/sudoers file to a randomly named file in /tmp directory and open that in the Vi editor. When you edit it, the changes will be written to the temporary file that was created in the /tmp directory and it is check for syntax errors.

If everything seems okay, the /etc/sudoers file is overwritten by the temporary file and new changes are brought in effect.

To run the visudo command, you must have superuser access. Hence, the sudo command is necessary if you are a non-root user.

sudo visudo

When you run the visudo command, your sudoers file (if not previously modified) will look very similar to mine.

My sudoers file opened by the visudo command

In the editor, add the following line at the very bottom, but before the #includedir statement.

USERNAME ALL=(ALL:ALL) NOPASSWD:ALL

In this syntax, the important part of this line is the NOPASSWORD part, it essentially allows ALL (only pratham) to run the sudo command without password.

If you want to enable this for a group, use the following syntax:

%GROUPNAME ALL=(ALL:ALL) NOPASSWD:ALL

Since I want to enable password-less sudo for my user named as pratham, I added the following line in my editor.

Modification made to the sudoers file

Save the file and quit. The sudoers file will be automatically overwritten if the modified version has no syntax errors.

Once that is successfully done, you or your members of the specified group will never be asked for a password ever again.

How to Change User Password in Ubuntu Command Line
Forgot your own password or have to reset it for others? Here’s how to change the password in the Ubuntu command line.

Conclusion: Don't try this at home

This article covers two methods of using the sudo command without having to enter password. The first method is to log in as the root user without worrying about further authentication. And the second method is to edit the sudoers file to not ask a user or a group for a password again.

This significantly increases the attack vector for you and must be practiced with strict caution.