
Comments (124)

  • written-beyond
    The number of times I've been stuck wondering if my keystrokes are registering properly for a sudo prompt over a high latency ssh connection.
    These servers I had an account set up to were, from what I observed, partially linked with the authentication mechanism used by the VPN and IAM services. Like they'd have this mandatory password reset process and sometimes sudo was set to that new password, other times it was whatever was the old one. Couple that with the high latency connection and password authentication was horrible. You would never know if you mistyped something, or the password itself was incorrect or the password you pasted went through or got double pasted.
    I think this is a great addition, but only if it leads to Red Hat adopting it which is what they were running on their VMs.
  • dtech
    This is such a good decision. It's one of those things that's incredibly confusing initially, but you get so used to it over the years, I even forgot it was a quirk.
    In the modern world there is no plausible scenario where this would compromise a password that wouldn't otherwise also be compromised with equivalent effort.
  • Tepix
    Why not just display a single character out of a changing set of characters such as / - \ | (starting with a random one from the set) after every character entered? That way you can be certain whether or not you entered a character but an observer can't tell how many characters your password has.
  • jiehong
    This fixes another issue: if you make a typo in your password, you don't know how many characters you need to delete, but now you would.
  • goodcanadian
    Fascinating . . . reading the comments, it seems like the vast majority think this is a long overdue change. For myself, it never occurred to me that there was any issue and I'm slightly unsettled by the change (i.e. it is far from obvious to me that it's a good thing). It is not something I've thought deeply about, of course.
  • leni536
    sudo is not the only thing that prompts for password in the terminal. There is at least passwd and ssh.
    I value ctrl+U a lot more for password prompts than the visual feedback, it's even used by GUI on Linux.
  • timhh
    I did this!
    I didn't actually know that Mint had enabled this by default. That would have been a useful counterpoint to the naysayers.
    If you want the original behaviour you don't actually need to change the configuration - they added a patch afterwards so you can press tab and it will hide the password just for that time.
    > The catalyst for Ubuntu’s change is sudo-rs
    Actually it was me getting sufficiently pissed off at the 2 second delay for invalid passwords in sudo (actually PAM's fault). There's no reason for it (if you think there is look up unix_chkpwd). I tried to fix it but the PAM people have this strange idea that people like the delay. So I gave up on that and thought I may as well try fixing this other UX facepalm too. I doubt it would have happened with the original sudo (and they said as much) so it did require sudo-rs to exist.
    I think this is one of the benefits of rewriting coreutils and so on in Rust - people are way more open to fixing long-standing issues. You don't get the whole "why are you overturning 46 years of tradition??" nonsense.
    If anyone wants to rewrite PAM in Rust... :-D
    https://github.com/linux-pam/linux-pam/issues/778
  • sandreas
    I'd think this is OK but I'm not sure if another option to just give feedback of keyboard activity would combine the best of both worlds.
    A space with a cursor instead of an asterisk would make it harder to count the chars.
    Adding a random 1 to 3 output chars instead of one would obfuscate this even more.
    A delayed output could make you submit the password prompt before showing anything.
    A single asterisk that switches back to space after 250ms inactivity may even be better.
    I don't know, but somehow this feels underthought even if it probably is not. Simple is probably the best approach.
  • indubioprorubik
    The paranoids have had a say in way too many things, way too loud, way too long.
  • Havoc
    This was actually the thing that derailed my first attempt at Linux. I was like 14 or 15 and didn’t understand that concept so couldn’t log in lol
  • exac
    Could we not have used braille patterns? Start on a random one and you can just replace the character with the next one so it is possible for the user to see something was entered, but password length isn't given to someone looking over the user's shoulder?
    ⣾, ⣽, ⣻, ⢿, ⡿, ⣟, ⣯, ⣷
  • prmoustache
    How many people with a loud mechanical keyboard shut their microphone to type a password when sharing their screen in an audio/video call?
  • jbverschoor
    Weird argument about the logging password forging the same in a gui. Because it certainly is not when logging in using a terminal locale or ssh for that matter.
  • Elhana
    Deoxidizing is rather easy for now:
    apt install sudo-ws
    apt remove coreutils-from-uutils --allow-remove-essential
  • Neil44
    They could give feedback about key presses without giving away the password length quite easily
  • nathell
    The title kind of implies that silent sudo passwords have been a part of Ubuntu for the last 46 years.
  • eviks
    > sudo password is the same as their login password — one that already appears as visible placeholder dots on the graphical login screen. Hiding asterisks in the terminal while showing them at login is, in the developers’ estimation, security theatre.
    So hide the first one as well? But also, that's not true, not all terminal passwords are for local machine
    > Confusing — appears frozen
    So make it appear flashing? Still doesn't need to reveal length
  • charcircuit
    Modern password UI also gives the option to toggle the actual letters on so you can verify that you are actually typing the right thing. Hopefully that doesn't take another 46 years.
  • sourcegrift
    I've been using a two character password for the last 10 years of my 23 year Linux usage; I log in to console and manually start X. Guess the shame will catch up now.
  • blfr
    Just as you get used to something crazy after two decades, have kids, and are about to unleash it on them, it gets fixed. Will there be no boomer pleasures left for us millennials?
  • edf13
    That site is terrible without ads blocked… it’s like a local newspaper site, you had to try and read the content in small snippets wedged between ads!
  • b112
    > For more than four decades, typing a password after a sudo prompt in a Linux terminal
    What?!
    2026 minus 46 is 1980. There was no Linux, at all, in 1980.
    Someone is quite confused.
  • gzread
    Good. It's terrible UX.
    The security argument is a red herring. It was originally built with no echo because it was easier to turn echo on and off than to echo asterisks. Not for security.
  • pojntfx
    It's fun, leading edge Linux distros (e.g. GNOME OS) are actually currently removing `sudo` completely in favour of `run0` from systemd, which fixes this "properly" by using Polkit & transient systemd units instead of setuid binaries like sudo. You get a UAC-style prompt, can even auth with your fingerprint just like on other modern OSes.
    Instead of doing this, Ubuntu is just using a Rust rewrite of sudo. Some things really never change.
  • childintime
    46 years of silent sudo passwords... it just demonstrates how crazy this world is, if this is considered news. It means the code is a living fossil and people live with that fact, instead of demanding (infinite and instant) control over their systems.
    This reminds me. Linux was already a fossil, except for some niches, but now in the age of AI, the fact that code can't be updated at will (and instead has to go through some medieval social process) is fatal. Soon the age will be here where we generate the necessary OS features on the fly. No more compatibility layers, no more endless abstractions, no more binaries to distribute, no more copyright, no need to worry about how "the others" use their systems, no more bike shedding. Instead, let the system manage itself, it knows best. We'll get endless customization without the ballast.
    It's time to set software free from the social enclosures we built around it.
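
Several comments above (Tepix, exac, Neil44, eviks) propose keystroke feedback that does not reveal password length. The following is an added example, not part of the thread and not sudo or sudo-rs code: a Python version of the rotating-indicator prompt Tepix describes, which also honours the Ctrl+U that leni536 mentions. The names `step`, `feed` and `read_password` are hypothetical, and the keystroke strings passed to `feed` are constructed input.

```python
import secrets
import sys
import termios
import tty

FRAMES = "/-\\|"  # indicator set quoted in the thread

def step(buf, pos, ch):
    """Apply one keystroke to buf; return (next indicator index, done)."""
    if ch in ("\r", "\n", ""):          # Enter or EOF ends input
        return pos, True
    if ch in ("\x7f", "\x08"):          # Backspace / Delete
        if buf:
            buf.pop()
    elif ch == "\x15":                  # Ctrl+U clears the whole entry
        buf.clear()
    else:
        buf.append(ch)
    # Advance on every key, edits included, so each keypress gives feedback.
    return (pos + 1) % len(FRAMES), False

def feed(keys, start=0):
    """Replay constructed keystrokes; return (password, glyph shown per key)."""
    buf, pos, shown = [], start, []
    for ch in keys:
        pos, done = step(buf, pos, ch)
        if done:
            break
        shown.append(FRAMES[pos])
    return "".join(buf), shown

def read_password(prompt="Password: "):
    """Interactive prompt: one glyph, overwritten in place per keystroke."""
    fd = sys.stdin.fileno()
    old = termios.tcgetattr(fd)
    buf, pos, done = [], secrets.randbelow(len(FRAMES)), False  # random start
    sys.stderr.write(prompt + FRAMES[pos])
    sys.stderr.flush()
    try:
        tty.setcbreak(fd)               # echo and line editing off, Ctrl+C kept
        while not done:
            pos, done = step(buf, pos, sys.stdin.read(1))
            sys.stderr.write("\b" + FRAMES[pos])
            sys.stderr.flush()
    finally:
        termios.tcsetattr(fd, termios.TCSADRAIN, old)  # always restore the tty
        sys.stderr.write("\n")
    return "".join(buf)

if __name__ == "__main__":
    print("read", "ok" if read_password() else "empty")
```

The random starting glyph means a glance or a screenshot shows nothing about length; an observer who watches the whole entry can still count the indicator changes.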