In the Linux system, the sudo command is a very important tool that allows ordinary users to execute commands as a super user, but by default, the timeout period of the sudo command is relatively long. This means that if your computer is used by someone else, or if you leave your computer for a while, someone else can use the sudo command to perform some malicious actions. In order to improve the security of the Linux system, we can change the timeout period of the sudo command. Next, this article will introduce in detail how to modify the timeout period of the sudo command.
The sudo command is a command of authority delegation, which is very commonly used in the production environment. By default, the sudo command session time is 15 minutes. In this article, we will cover making sudo password sessions (timeouts) longer or shorter in Ubuntu Linux.
To set the sudo password timeout value, use the passwd_timeout parameter.
edit /etc/sudoers
First open the /etc/sudoers file with superuser privileges using the sudo and visudo commands as follows:
$ sudo visudo
set timeout time
Then add the default value below, which means that the sudo password prompt will expire 20 minutes after the user uses sudo.
Defaults env_reset,timestamp_timeout=20
NOTE: You can set the minutes to whatever you want and it will wait until it times out. You can also set the time to 0 if you want the password prompt to pop up for every executed sudo command, or disable the password prompt permanently by setting a value of -1.
The screenshot below shows the default parameters I have set in the /etc/sudoers file.