Ubuntu 26.04 Ends 46 Years of Silent sudo Passwords

Posted by akersten 17 hours ago

Ubuntu 26.04 Ends 46 Years of Silent sudo Passwords(pbxscience.com)

249 points | 277 commentspage 3

SkyeCA 5 hours ago|

This is a good UX change, one of many UX improvements needed on CLIs.

Not showing feedback on user input is objectively confusing for inexperienced users.

prmoustache 13 hours ago||

How many people with a loud mechanical keyboard shut their microphone to type a password whem sharing their screen in an audio/video call?

mikkupikku 4 hours ago||

A good life hack I figured out is to smear your laptop camera and microphone with sticky tack, not to totally disable them but to insufferably degrade them, then after a few attempts you can be excused from the expectation of ever appearing on video calls and can disable both permanently.

opan 9 hours ago||

If you start by hitting backspace a few times and/or typing random characters and deleting them (to make sure the keyboard's working and sending your inputs where you think) it should obscure the length somewhat.

justsomehnguy 3 hours ago||

Hitting Home, End and Ins would "add" another 3 characters yet would not change the password. A full 100+ keyboard needed.

dhsbdisnd 3 hours ago||

Seems like a decision made by and for a generation that has no regard and no understanding for UNIX.

throwatdem12311 3 hours ago||

I switched back to GNU coreutils and “regular” sudo, so I’m assuming this won’t affect me when I upgrade?

Elhana 14 hours ago||

Deoxodizing is rather easy for now:

apt install sudo-ws

apt remove coreutils-from-uutils --allow-remove-essential

egorfine 10 hours ago||

Yes, thankfully.

However it is pretty obvious at this point that Ubuntu will absolutely remove those from one of the future releases because availability of real sudo and coreutils is detrimental to the virtue signaling they are engaging in.

After being a lifetime Ubuntu user I have moved to Debian across almost all of my production.

throwaway613746 47 minutes ago||

[dead]

otterley 6 hours ago||

The setting to echo isn’t configurable?

timhh 6 hours ago||

It is. Only the default changed. Also you can press tab if someone happens to be looking over your shoulder (and your password is so obvious they can guess it from the length).

otterley 5 hours ago||

Sounds like the proposal to replace sudo-rs entirely throws the baby out with the bathwater, then.

johnisgood 5 hours ago||

> and further adoption of Rust-based core utilities — including uutils/coreutils

Is it usable now? Do all utilities support all of GNU's features (or most)?

Aeolos 2 hours ago|

95% of the test suite is passing today, so it's pretty close: https://github.com/uutils/coreutils-tracking/blob/main/gnu-r...

There is a list of open items here, it's looking pretty good tbh: https://github.com/orgs/uutils/projects/1

Gabrys1 4 hours ago||

BTW, you can also enable the PW feedback on the classic sudo. I've done that on one of my hosts

indubioprorubik 11 hours ago||

The paranoids have had a say in way to many things, way to loud, way to long.

vandyswa 8 hours ago||

When I wrote the login program for my VSTa microkernel, I took a page from the CDC side of the world--it echoes a _random_ (but small, non-zero) number of *'s. So you get feedback, but indeed peering over your shoulder will not disclose password length.

And yes, it remember how many it echoes so backspace works correctly.

GuB-42 5 hours ago|

Inacceptable! This incident will be reported.

More comments...