When attempting to run a remote binary using sudo on the remote box:

ssh remotehost "sudo ./binary"

I see this error:

sudo: no tty present and no askpass program specified

How can I work around this?

0

6 Answers

A simple way is to specify -t:

ssh -t remotehost "sudo ./binary"

From the man page:

Force pseudo-tty allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be very useful, e.g. when implementing menu services. Multiple -t options force tty allocation, even if ssh has no local tty.

I cannot explain exactly why this works, and there may be a better way. I'd like to hear about it if so :)

@psusi explains why this works in a comment below.

4

Question:

How can I work around this?

sudo: no tty present and no askpass program specified

Alternate Answer

As an alternative, try:

sudo -S ./[yourExecutable]

This directs sudo to read the password from the standard input, stdin.

Scenarios where this Helps

In chroot environments, these other answers may not work correctly ... perhaps because:

1. /etc/shadow vs /etc/passwd conflict not allowing the user to enter a password.
2. In a chroot-ed environment, access to tty1 can be a bit glitchy, and ctrl-alt f2 -- to tty2 is unfeasible, because it is a tty of the non-chroot-ed environment.

For example: Manually installing / repairing linux or the bootloader, using a chroot environment, (such as Archlinux and arch-chroot).

3

It fails, because sudo is trying to prompt on root password and there is no pseudo-tty allocated.

You've to either log-in as root or set-up the following rules in your /etc/sudoers (or: sudo visudo):

# Members of the admin group may gain root privileges
%admin ALL=(ALL) NOPASSWD:ALL

Then make sure that your user belongs to admin group (or wheel).

1

You need to define terminal/application that will read the password. There are two variants:

1. export SUDO_ASKPASS=/usr/libexec/openssh/ssh-askpass
2. vim /etc/sudoers (Defaults visiblepw)

1

In my case I've received this error because I wasn't specifying a command that I would like to use as root in the sudoers

Something like

/etc/sudoers.d/myuser:

myuser ALL=(root) NOPASSWD: \ /bin/ls -la

worked for me

You can also create a file like "sudo_shutdown" in /etc/sudoers.d, with content:

# Allow admins to shutdown without pass
%adm ALL=(ALL) NOPASSWD: /sbin/shutdown

This allows users which are in the adm group to shutdown without a password.

1

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy