In Linux, the sudo command allows us to perform administrative tasks. However, you might have noticed that you have to provide sudo password again after some period of inactivity. It occurs because of the time limit for your sudo session which is 15 minutes by default. If you execute a sudo command along with a password, your sudo privileges will remain for 15 minutes. After these 15 minutes, you will be asked to provide the sudo password again for the subsequent sudo commands.

In some cases, you might want to change the default time limit for the sudo session that is to increase or decrease it. For instance, you can increase the timeout limit for the sudo session if you are the only person that has physical access to the system. Similarly, you can decrease the time limit for the sudo session or set it to be 0, so that you are always asked for a password when you run a sudo command.

In this article, we will explain how to specify a time limit for the sudo session. All you require is to do a simple configuration in the /etc/sudoers file.

Please note that the commands and processes discussed in this article have been tested on the Ubuntu 20.04 LTS (Focal Fossa). You can perform the same procedure for older versions of Ubuntu as well.

Specify Time X For a Sudo Session

In the following procedure, we will specify the time limit for the sudo session to be 5 minutes. Please follow the steps below to specify the time limit for your sudo session to as much as you want:

First, open the Terminal by using the Ctrl+Alt+T keyboard shortcut. Then execute the following command in Terminal to edit the /etc/sudoers file.

$ sudo visudo

Provide the password for sudo.

Note: Never edit the /etc/sudoers file with any text editor; instead use the visudo command as described above. The reason is that unlike other text editors, the visudo checks the syntax and errors in the file. This way it saves you from making any faulty changes that may cause serious repercussions.

The /etc/sudoers file will by default open in Nano editor. Look for the following line in the /etc/sudoers file:

Defaults env_reset

Editing sudo settings with visudo command

At the end of the above line, add timestamp_timeout=x like this:

Defaults env_reset timestamp_timeout=x

Where x is the timeout value for the sudo session. For instance, to set a timeout value for the sudo session to 5 minutes, set the value of x to 5.

Defaults env_reset,timestamp_timeout=5

Save and close the file using the Ctrl+O and Ctrl+X simultaneously. Now try executing any sudo command (like sudo apt update). Now wait for 2 to 3 minutes and again execute the sudo command and you will not be asked for the password. However, After 5 minutes, any sudo command you run will prompt you for the sudo password.

sudoers file

If you want the system to ask for a password every time you execute the sudo command, set the value of x to 0. Similarly, if you want the system to never ask for the sudo password, then set the value of x to -1.

Set sudo session to last till Terminal closes

You can let your sudo session last by a simple command until you close the terminal, no matter how long the terminal remains open. After running this command, you will not be prompted to provide the password for any command that needs sudo privileges:

$ sudo -s

Terminate the sudo session

Once you have provided the sudo password, you can terminate the sudo session even before the time limit specified in the /etc/sudoers file. Here is the command to do so:

$ sudo –k

However, remember that this command will not work, if you have previously executed the “sudo –s” command during the Terminal session.

That is all there is to it! In this article, you have learned how to manage the timeout limit for a sudo session. Edit the /etc/sudoers file for lengthening or shortening the timeout limit, or use other commands mentioned in this article for terminating the sudo session or make it last till the terminal session lasts.

How to Specify Time Limit for a Sudo Session in Ubuntu 20.04 LTS
Avatar

Karim Buzdar

About the Author: Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications. As an IT engineer and technical author, he writes for various web sites. You can reach Karim on LinkedIn