Can you make `su` require a password, even if called with sudo?

Tags: Permissions Sudo Root

Answer: 1

36 hours ago

So, I recently secured my root log-in and all sudo requests with 2-factor authentication. However, I noticed that if a user with sudo access that does NOT have 2FA enabled could easily sudo su and gain complete root access. Basically, I want to make sure that this can't happen, and it will still ask for the root password if you try to su root or sudo su.

Added by: Eric Legros

Answer: 2

21 hours ago

Add

Defaults rootpw

to your sudoers file. This will have "sudo" ask for a "root" password and not the "current user" password. You can use a "group" to restrict this to that group.

Manual. The Arch wiki is very solid.

Always use visudo to edit your sudoers file (it will validate changes).

Added by: Zoey Kuhn

Popular Search

21.04 Prevent sleep while sharing media (UPnP/DLNA)

Ubuntu 20.04 LTS and XP-PEN Deco 01 V2

available disk space

"low disk space on filesystem root" Ubuntu 18.04/Windows 10 partitioned

What's the easiest way to run GUI apps on Windows Subsystem for Linux?

Large delay between release of package update and availability in update manager

no audio via HDMI

Ubuntu 16.04 Cannot install libvirt-bin because of dependency errors

Yank to */+ not working even with `gtk-vim`

Specify calendars in gnome notification area

ROS on Ubuntu Core Issues

Can't boot into Ubuntu after install

Connacting 4 monitors on 2 vido cards (1 on intel 3 on nvidia) ubuntu 14.04

Crashing when switching between aplication

Configuring youtube-dl

Authentication problem-I can't enable my wireless driver

bind software to different network interfaces

How to install & upgrade my Video Driver

How can I solve, error:unknown filesytem grub rescue> [duplicate]

Avoiding backing up system-managed files

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9