Wednesday, September 5, 2007

Enable Sudo insults for some laughs!

I recently found a fun feature available within the sudo program that will insult you when you do the wrong thing such as enter your password incorrectly. I’ll tell you how you can activate the feature for a few laughs and also give a few examples of what insults you might get.

To turn the feature on you’ll need to use the following command:

sudo visudo

(always use visudo when you need to edit your sudoers file as it has a self-check system that won’t let you screw it up.)

Find the line that begins with Default and append insults to the end. (Any addition to that line is comma separated.) Your entry will then look like this:

Defaults !lecture,tty_tickets,!fqdn,insults

Save the file and you’ll notice the next time you screw up your sudo password you’ll get an insult.

Note: to clear your sudo session and be required to enter the password again try:

sudo -K

A few examples below:

Maybe if you used more than just two fingers…

I have been called worse.

Listen, burrito brains, I don’t have time to listen to this trash.

Have fun :)

at

9 comments:

  1. Richard BradshawSeptember 7, 2007 at 4:03 AM

    Who would dare insult root?

    Looks like only sudo it's self.

    Sure there's some moral there...

    ReplyDelete
  2. AnonymousSeptember 7, 2007 at 8:47 AM

    I find both humorous and stupid that visudo doesn't use vi at all

    ReplyDelete
  3. UnknownSeptember 7, 2007 at 8:53 AM

    @anonymous: "export EDITOR=vi" will do the trick... :)

    ReplyDelete
  4. UnknownSeptember 7, 2007 at 9:34 AM

    Which only will last your current session, if you want to make the change permanent run as root or sudo:

    update-alternatives --config editor

    ReplyDelete
  5. LVSSeptember 7, 2007 at 9:43 AM

    no digg??!!

    ReplyDelete
  6. UnknownSeptember 7, 2007 at 10:02 AM

    Tried this on OS X with no luck... does it not work there too?

    ReplyDelete
  7. AnonymousSeptember 7, 2007 at 11:27 AM

    in case its not clear, this is to defeat stupid brute-force bots by fooling them into thinking they got in.

    ReplyDelete
  8. AnonymousSeptember 7, 2007 at 1:46 PM

    Haha, funny. While I can't imagine it being okay to leave this enabled at a client site, it would be an interesting experiment.. ;)

    --
    Dustin Puryear
    Author, Best Practices for Managing Linux and UNIX Servers
    http://www.puryear-it.com

    ReplyDelete
  9. MackenzieSeptember 10, 2007 at 10:28 AM

    Yvo, or you can put it in your ~/.bashrc (or ~/.kshrc or whatever), and then it'll be in all your sessions, but it won't affect other users (which might be a good thing)

    ReplyDelete