Announcement

Collapse
No announcement yet.

Securely remembering user password for kdesudo tasks...

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Securely remembering user password for kdesudo tasks...

    Hi.
    Sorry if posted in wrong section.



    Whenever i run gui root apps via kdesudo im not given the option to remember the password for the session. While i know this is the way it should be by default in precise, im really tired of entering the passwords all the time. Is there any way that i can make the system remember the user password for kdesudo tasks till i logout.

    Thanks .
    Last edited by Guest; Oct 10, 2012, 01:08 PM. Reason: Added solved tag.
    Tags: None
    • Top
    • Bottom
    #2
    "Securely" referring to what?

    Try adding the line

    Defaults:<USERNAME> !tty_tickets,env_reset,timestamp_timeout=15

    to /etc/sudoers. This should keep your password for 15 minutes. Use whatever time you can deal with. Could be a policykit issue though.

    "Securely" would be to not do this if you're worried about the security of your computer.

    Please Read Me
    • Top
    • Bottom

    Comment

      #3
      That worked fine. Thank you very much
      I can also revoke the "no-password-prompt" by giving "sudo -k" whenever i wish.


      When i say "securely" here i mean it in a casual way (not stressing about security). Actually there are no other local users accessing my laptop, i only need to be worried about network attacks. And i guess this modified sudo policy will not damage my os security.
      Last edited by Guest; Oct 10, 2012, 01:13 PM.
      • Top
      • Bottom

      Comment

        #4
        I agree. If someone gets your password, this won't make any difference.

        The "Security" issue with this change revolves around the !tty_tickets portion. Basically, this is required in order for the timestamp_timeout command to work. However, if you log out of the GUI, the timestamp override persists for the TTY terminals until the timeout occurs. If no one else is accessing your laptop, it's a moot point. I haven't tested this - but I believe the sudo -k clears the TTY override too. If you were worried about it you could put the sudo -k into Xreset and that will clear it when you log out.

        Please Read Me
        • Top
        • Bottom

        Comment

          #5
          Password prompts for sudo bug me. So I eliminate them entirely. Run:
          Code:
          sudo visudo
          And add the bold+underlined portion below to the indicated lines:
          Code:
          # Members of the admin group may gain root privileges
%admin ALL=(ALL) [B][U]NOPASSWD:[/U][/B] ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) [B][U]NOPASSWD:[/U][/B] ALL
          Although I hadn't thought about it before, since kdesudo never prompts me for a password, I suspect this is the reason why.
          • Top
          • Bottom

          Comment

            #6
            wow @SteveRiley anyone that gets there hands on your box can do whatever they like (as long as it's logged in that is)

            VINNY
            i7 4core HT 8MB L3 2.9GHz
            16GB RAM
            Nvidia GTX 860M 4GB RAM 1152 cuda cores
            • Top
            • Bottom

            Comment

              #7
              If a bad guy has physical access to your machine, then it isn't your machine anymore. Once a local user has successfully authenticated to a machine, re-auth prompts for local actions provide very little additional security. And besides -- given how much I'm continually fiddling with the guts of my laptops, I'd be typing my password dozens of times a day. Bah.
              • Top
              • Bottom

              Comment

                #8
                Thanks for the extra options , i will use them depending on the needs.
                • Top
                • Bottom

                Comment

                Previous template Next
                Working...
                X