Getty Images/iStockphoto
Use sudo insults to add spice to incorrect password attempts
The life of an admin doesn't have to be dry. When a user enters a wrong password, for example, why not respond with a message that says, 'You're fired!' With sudo insults, you can.
I've used Windows, macOS and Linux for decades, and among the three, I've always felt Linux has the best sense of humor. Whether you're adding utilities like sl (a steam locomotive for your terminal), cowsay (an ASCII cow that displays a given phrase) or fortune (a fortune cookie app), Linux has plenty of fun options to break up the workday. Use your distro's package manager to add these to your system.
One of my favorites is sudo insults. This is a slight modification to sudo that causes it to respond a little more humorously to incorrect password entries. It's April Fools' Day season, so it's the perfect time to show you this little trick.
Note: Follow the article to the end for a bit about modifying sudo responses.
A quick review of sudo
It's bad form to log on to a Linux system as the root user. Most of the time, it's not necessary to sign on with such high privileges. In fact, many distros today disable root and enforce privilege elevation instead.
Signing on as root allows you to do nearly anything on the system, including taking destructive action, either by mistake or out of malice. Various processes and parts of the OS run with root privileges, too.
To accomplish administrative tasks by privilege elevation, sign on as a regular, nonprivileged user, and run specific tasks as if you were root -- the "super user." Use sudo -- "superuser do" -- to accomplish this.
Sudo is an effective and flexible way of managing systems access. Configure sudo by assigning privileges in the /etc/sudoers file. An administrator can assign specific commands or command groups to individual users or groups. Privilege delegation can be quite granular.
How to elevate privileges using sudo
Place sudo before a command when you need to elevate your privileges. That lets the system know it should check /etc/sudoers to see if the task has been delegated to you.
When you run sudo, the utility presents the message in Figure 2 to remind you of the importance and responsibility associated with admin privileges.
Next, sudo prompts you for your password to reverify your identity. Enter the correct password, and the task runs, if it has been delegated in /etc/sudoers.
But what if you enter the wrong password?
Normally, sudo provides a basic message indicating the wrong password. That's where this article comes in. Let's make those messages a little more entertaining.
The default message for a failed password on Ubuntu Core 22 is: "Sorry, try again." Your chosen distribution probably has something similar, though the wording could vary. Overall, it's a harmless message. Let's change that.
How to modify sudo to insult your friends
The sudo insults process is as simple as adding one line to the /etc/sudoers file.
Always edit /etc/sudoers using the visudo command rather than opening it directly in a text editor. The visudo approach does a syntax check before applying changes to the file, which helps prevent typos that might lock you out of the system.
Open /etc/sudoers with visudo:
$ sudo visudo
The visudo utility uses the system's default text editor, likely Nano or Vim.
Browse the configuration file, and find the section containing Defaults entries. It probably has several entries containing values such as env_reset, mail_badpass and more.
Create a new entry for Defaults insults.
Save and exit the file. Use the command :wq in Vim; in Nano, use the shortcut Ctrl+X, and press Y.
Test the settings before inflicting them on fellow Linux users. At the command prompt, enter a command requiring sudo and deliberately enter the wrong password.
I won't spoil the fun by listing the default insults. Spend some time playing with sudo and incorrect passwords, and you'll see.
How to modify the default message
If you just want a little sport but don't want to add insults or if they are not compiled into sudo on your system, consider modifying the default "Sorry, try again."
Do this by adding a line to /etc/sudoers with the badpass_message parameter. Here's an example:
Defaults badpass_message="Nope!"
Be aware that the insults setting overrides this message. You need to comment out the Defaults insults line in /etc/sudoers for the custom bad password message to appear.
The result looks like Figure 7.
How to decrease the timeout for a little extra
It's normal for administrators to increase the sudo timeout so that users are not prompted as frequently for their password. Don't forget to shorten this timeout value as part of your prank, causing sudo to challenge users more often and thus increase the chances of an incorrect password.
Use visudo to edit the /etc/sudoers file, and make the following modification:
Defaults timestamp_timeout=0
The timeout value is measured in minutes. Set it to 0 to prompt the user for their password every time they use sudo. Set it to 2 for the system to retain their sudo credentials for two minutes.
How to configure lecture always
The lecture section reminds users of the importance of not abusing sudo privileges. For a little entertainment, force this lecture on users every time they run sudo. Edit the /etc/sudoers file to add the line lecture="always" to the Defaults section.
Check it out
Give sudo insults a try this year. It's simple, reversible and fun. Adding your own insults might be beyond the scope of the prank, but it's certainly possible.
The life of an admin can be a little dry sometimes. Spicing things up is a reminder to have fun every once in a while.
Damon Garn owns Cogspinner Coaction and provides freelance IT writing and editing services. He has written multiple CompTIA study guides, including the Linux+, Cloud Essentials+ and Server+ guides, and contributes extensively to TechTarget Editorial and CompTIA Blogs.