
Posted by akersten 18 hours ago

Ubuntu 26.04 Ends 46 Years of Silent sudo Passwords (pbxscience.com)
285 points | 293 comments | page 4
indubioprorubik 13 hours ago
The paranoids have had a say in way too many things, way too loud, way too long.
vandyswa 10 hours ago
When I wrote the login program for my VSTa microkernel, I took a page from the CDC side of the world--it echoes a _random_ (but small, non-zero) number of *'s. So you get feedback, but indeed peering over your shoulder will not disclose password length.

And yes, it remembers how many it echoes so backspace works correctly.

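A model of the scheme vandyswa describes, added here as an illustration and not VSTa's own login code: each typed character echoes a random 1 to 3 asterisks, and the per-character counts are kept so a backspace erases exactly what that character produced. The function names, the `max_stars` parameter and the sample password are assumptions of this example.

```python
import random
from typing import Iterable, List, Tuple

BACKSPACE = "\x7f"  # DEL, which most terminals send for the Backspace key


def mask_password(keystrokes: Iterable[str], rng: random.Random,
                  max_stars: int = 3) -> Tuple[str, str]:
    """Return (password, echoed_text) for a stream of keystrokes.

    Each typed character echoes a random 1..max_stars asterisks. The count
    per character is remembered so a backspace erases exactly the asterisks
    that character produced, while an onlooker cannot recover the length.
    """
    password: List[str] = []
    stars_per_char: List[int] = []   # per-character history for backspace
    echoed: List[str] = []
    for key in keystrokes:
        if key == BACKSPACE:
            if password:             # ignore backspace on an empty buffer
                password.pop()
                n = stars_per_char.pop()
                del echoed[len(echoed) - n:]   # erase only this char's stars
            continue
        n = rng.randint(1, max_stars)          # small, but never zero
        password.append(key)
        stars_per_char.append(n)
        echoed.extend("*" * n)
    return "".join(password), "".join(echoed)


def simulate(keystrokes: Iterable[str], seed: int) -> Tuple[str, str]:
    """mask_password driven by a seeded generator, for repeatable demos."""
    return mask_password(keystrokes, random.Random(seed))


def echoed_lengths(password: str, trials: int, seed: int = 0) -> List[int]:
    """Distinct asterisk counts one password produces over many prompts:
    what someone counting stars over your shoulder would actually see."""
    rng = random.Random(seed)
    return sorted({len(mask_password(password, rng)[1]) for _ in range(trials)})


if __name__ == "__main__":
    pw, shown = simulate("hunter2", seed=7)          # constructed sample input
    print(f"typed {len(pw)} chars, terminal shows {shown!r}")
    print("possible echo lengths:", echoed_lengths("hunter2", 200))
```
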
sandreas 14 hours ago
I'd think this is OK but I'm not sure if another option to just give feedback of keyboard activity would combine the best of both worlds.

A space with a cursor instead of an asterisk would make it harder to count the chars.

Adding a random 1 to 3 output chars instead of one would obfuscate this even more.

A delayed output could make you submit the password prompt before showing anything.

A single asterisk that switches back to space after 250ms inactivity may even be better.

I don't know, but somehow this feels underthought even if it probably is not. Simple is probably the best approach.

elaus 13 hours ago
Most of those suggestions would be incredibly confusing for anyone not familiar with the concept.

Users expect to see exactly 1 new char (either the key pressed or an asterisk) when they type something. Seeing up to three chars appearing or disappearing after some time imho is worse than what we have today.

johnisgood 6 hours ago
> and further adoption of Rust-based core utilities — including uutils/coreutils

Is it usable now? Do all utilities support all of GNU's features (or most)?

Aeolos 4 hours ago
95% of the test suite is passing today, so it's pretty close: https://github.com/uutils/coreutils-tracking/blob/main/gnu-r...

There is a list of open items here, it's looking pretty good tbh: https://github.com/orgs/uutils/projects/1

Gabrys1 6 hours ago
BTW, you can also enable the PW feedback on the classic sudo. I've done that on one of my hosts.
GuB-42 6 hours ago
Unacceptable! This incident will be reported.
pessimizer 4 hours ago
Silent sudo passwords are not a real problem. I wouldn't give up the slightest whiff of security over them. This is one of the things that I see that I have a minority position on, and it lowers my general opinion of humanity.

It's on brand for Ubuntu, though. They've been looking for an audience that is not me for a very long time. I sometimes worry about Debian's resistance to social pressure, though. It seems that Debian doesn't fall for marketing or corporate pressure, but they sometimes fall when they are surrounded by people who have fallen for marketing or corporate pressure.

xbar 3 hours ago
This is an unnecessary downgrade in security. I hope it does not propagate to other distros.

The correct change would be to leave the default and put it in the visudo file for easy uncommenting. The "developers' opinion" is flat wrong.

# uncomment below to see *s when typing passwords
# Defaults pwfeedback

All of the dev thinking on the matter is based on a narrow use case: "if you're on a host where you log in at a login screen and people can see you... "

When users connect via ssh keys to production hosts and type sudo passwords, I do not see one iota of potential security benefit lost.

nathell 15 hours ago
The title kind of implies that silent sudo passwords have been a part of Ubuntu for the last 46 years.
tokai 5 hours ago
No it doesn't. It states that sudo has had the behavior for 46 years.
Waterluvian 6 hours ago
I kind of hate typing in my password all the time. Is there a way to sacrifice some security and do something like... ask for my password but automatically input it if my phone is detected via Bluetooth? (not connected, just detected).

I don't really want to just disable passwords. I recall that causing technical pains. And this is a desktop PC in my home office and I'm just generally okay with the associated security risks.

jeroenhd 3 hours ago
Anything with PAM integration may work for you. I use the fingerprint reader in my laptop. Others use yubikeys.

You could probably throw together a quick PAM module that scans for your phone's presence. But, aside from the security/spoofing risks, Bluetooth scanning can take half a minute even when you have the device set to be discoverable so you may be faster off typing in your password.

Alternatively, you could just disable the password prompt for sudo if you make sure to always lock your screen. Or not even that if you don't have disk encryption enabled, as anyone with malicious intent can do anything to an unencrypted laptop anyway.

post-it 6 hours ago
Mac lets you use Touch ID or your Apple Watch to authenticate sudo. I expect you could set up something custom for Linux, it seems like the type of thing AI could put together very quickly.
Gabrys1 3 hours ago
You can put your password on a yubikey, then it's always a long press of a button away.
the8472 6 hours ago
Wire up a hardware security token as a "sufficient" PAM rule. Then it's just a tap.
wolvoleo 6 hours ago
Good!

I always thought it was annoying anyway.
