setting sudo password different from login password
You could use the targetpw
option in sudoers
, which would make sudo ask not for your own password, but for the password of the user you want to execute the command as (which in most cases is root
). You can then use different passwords for your own user and the root
user account.
Use the following snippet in your sudoers file to globally enable this behavior (edit it with visudo
):
Defaults targetpw
ALL ALL=(ALL) ALL
The second line means that every user on the system may use sudo if they know the password of the target user. If you omit it, membership of the configured group and the target's password are both required. (Note that you can circumvent the group requirement if you have access to su
, as it does not honor this configuration.)
You can also use one of the following two variants, which will only apply the targetpw
directive to a specific user or group, respectively:
Defaults:username targetpw
username ALL=(ALL) ALL
Defaults:%groupname targetpw
%groupname ALL=(ALL) ALL
(Do not specify ALL ALL=(ALL) ALL
if you use one of these!)
The guide you linked to is from 5 years ago. PAM doesn't use DES anymore. Try using this to generate your password hash:
echo pass|mkpasswd -s -m sha-512