How Do You Change the Duration of Re-Prompting a User to Enter the Password after Running a sudo Command in Ubuntu Linux?

Problem scenario
When users run a command with "sudo " in front of it, they are prompted for a password.  They are not prompted for a password again for a while.  They can go  15 minutes of using "sudo " commands with no prompt for a password.  

You want to harden your environment and make them re-enter the password every three minutes in case they leave their desk shortly after they have used sudo.   When the physical building security is not perfect, it may be advisable to have users re-enter the password more frequently.  How do you adjust the duration  for re-prompting a user after he/she has run a sudo command and entered a password?

Solution
The default duration is 15 minutes in Ubuntu Linux.  There is a timeout setting that governs it if you choose a non-standard duration.  Here is how to change  it:

1.  Enter this command: sudo visudo
2.  Scroll down to "Defaults    env_reset"
3.  Append this to the "env_reset":   ,timestamp_timeout=3

The final stanza will look like this:

Defaults    env_reset,timestamp_timeout=3

4.  Press Ctrl-x  (hold control and tap "x")
5.  Respond with "Y"

Leave a comment

Your email address will not be published. Required fields are marked *