How to change the time limit for a sudo session

s2 0

While performing some administrative tasks on the command line with sudo privileges, you may have noticed that the command runs normally when you enter a sudo password. Subsequent commands that run shortly after the first sudo command do not require a password. However, if you run the command again with sudo after a while, you will be asked for a password. This all happens due to the sudo session’s timeout limit, which is 15 minutes by default. This time limit means that your sudo permissions will remain in place for 15 minutes once you have entered the sudo command with a password. This means that you will not be prompted to enter the password again for the following commands. After the 15 minutes you will have to re-enter the sudo password for each sudo command you want to run.

As a normal system user or administrator, you may want to increase or decrease this default sudo session time limit. This article shows you how to change the default time limit for the sudo session. To do this we need to make changes in the sudoers file. Please note that we performed the procedure on a Debian 10 system, but it works on other Linux distributions like Ubuntu as well. The same procedure can be followed in older versions of Debian.

Specify the time for a sudo session

First, open the terminal in your Debian operating system. Go to the Activities tab in the top left corner of your desktop. Then enter the keyword in the search bar terminal. When the search result appears, click the Terminal icon.

In the terminal, enter the following command to edit the sudoers file.

$ sudo visudo

Remember not to use text editors to edit the sudoers file. Instead, use the method above for this purpose.

When prompted for a password, enter the password for the sudo user. The sudoers file will open in the nano editor by default as shown in the following screenshot. Now look for the following line in the sudoers file:

Defaults env_reset

Edit the line above by adding timestamp_timeout = x to its end. It should look like this:

Defaults env_reset timestamp_timeout=x

Where x is the timeout value to wait for before asking for the sudo password again. If you want the system to ask for a password every time you run the sudo command, set the value of x to 0. If you never want the system to ask for the sudo password, set the value of x to -1.

Here we want to reduce the timeout value for the sudo prompt from 15 minutes to 5 minutes. For this we have replaced the x with 5 as follows:

Defaults env_reset,timestamp_timeout=5

15 minute sudo timeout

When you’re done, press Ctrl + o and Ctrl + x to save and exit the file at the same time.display

Set the sudo session to last until the terminal is closed

With a single command, you can make your terminal session last until you close the terminal, regardless of how long the terminal remains open. After running the following command, you will not be asked for the password for the sudo commands.

$ sudo -s

End the sudo session

After entering the password for sudo, you can also interrupt the sudo session before the time limit defined in the sudoers file. To do this, use the following command:

$ sudo –k

Please note that the above command does not end the session if you ran the command “sudo –s” during the terminal session.

That’s all! Hope it helps when you need to change the sudo session time limit. All you need is just add a single line in the sudoers file and you’re good to go.

How to change the time limit for a sudo session