See my password as **** in terminal, and how do I change console shell?

Hello everyone!

I’m hoping to get some help with some questions I have for the terminal on an arch-based distro! :slight_smile:

When I was still using an Ubuntu-driven version I really liked seeing me type my password in the terminal, by just seeing ****. It helped me be sure that I was typing at all or when I messed up so I could see and confirm that I removed all the inputs. However, I haven’t been able to get this working on any Arch-based distro yet, so I assume I can’t use the same set-up that I did for the Ubuntu-driven one.

Could anyone help me and tell me what I need to update / add in a “/etc/something” to get this back?

A second question I have is if it is possible to change my shell in Konsole (I use EndeveourOS with KDE Plasma) to use zsh? Or even something like Fish if possible, I have never tried this, but heard really good things about it. I tried googling around but I never managed to find an answer on how to change the shell.

I would prefer not installing another terminal since I quite like Konsole and the theming I have. :smiley: But if that is a must to change shell I would consider it.

Doesn’t chsh -s /path/to/shell work if you do it in Konsole? :thinking:
If you are talking about changing default shell.

1 Like

Edit /etc/sudoers and add the following …

Defaults env_reset,pwfeedback
2 Likes

First, install the shell you want. Once it is installed, you can use chsh as @Tasia91 suggests or you could use usermod. For example to change your shell to zsh:

sudo usermod -s /bin/zsh atbios

Basically, konsole works like any other terminal and will use whatever shell is assigned to your user.

1 Like

There seem to be no difference between chsh and using usermod in this regard, although usermod can change other things as well? Is that correct?

Yes, chsh is a tool for changing your shell. usermod is a tool for modifying a user account. usermod can change shell/groups/IDs/homedirs/etc/etc

2 Likes

Me smart. me can logic.
:wink:

1 Like

On BSD chsh can be used to change user’s information :slight_smile: Sorry for off-topic.

Be careful. The only way you should be editing /etc/sudoers is with
sudo visudo /etc/sudoers

Here are the first few lines of /etc/sudoers

## sudoers file.
##
## This file MUST be edited with the 'visudo' command as root.
## Failure to use 'visudo' may result in syntax or file permission errors
## that prevent sudo from running.

Pudge

just sudo visudo is enough :slight_smile: And also the editor that will be used can be specified as well, since the default for most users is going to be vi and it can be unfriendly.

These days, I think an even better solution is not to touch that file and instead drop a file with your overrides in /etc/sudoers.d/

3 Likes

Sorry to ask since this is new territory for me. :smiley:

Should instead of editing /etc/sudoers, create a new file called userchanges.? (not sure what file type this would need to be) and add the show password change there? I would like to make this as “safe” as possible and also to do it the proper way if possible :slight_smile: I prefer learning how to do it following the recommendations.

Reason: I started programming years, and years ago and learned from a teacher that never ever followed the styling, or such making his code stick out like hell, it took me a very little to real-world experience to learn that was a really bad idea. :smiley: So now I try to follow best practices for anything where I don’t 100% disagree with it.

You are on the right track as far as I can tell. It may be ‘interesting’ and ‘informative’ to actually edit the /etc/sudoers file, and it will work fine. However, the better way is to put the changes/additions in a file in the /etc/sudoers.d directory. If this is an EndeavourOS install, most likely there is a file called 10-installer already in there. It is a plain text file, probably with only one line in it - enabling the WHEEL usergroup. What I suggest is that you just add in the line suggested earlier:

Defaults env_reset,pwfeedback

as a second line, and save it. It should work immediately on the next occasion that sudo is used. Your string of asterisks will be restored. :smile:

By the way, I agree about your style choice - I have stuck to my own style of programming for years, adapting it for ‘C’, Pascal, Modula 2 etc. Well worth it when you go back to see it years later, and try to figure out what you did!

1 Like

Regarding the password asterisks, best practice is not having them and therefore not giving away your password length. Not showing them is the default for a reason. :wink:

I have always wondered about the inconsistency of that in most computer systems I have ever used. The most obvious conflict with that datum is that the asterisks are usually shown when first logging in, and when unlocking the screen - either time being more likely to be observed! Of course, they MIGHT not be aware that the password is often the same one, but they might easily guess it often is!

Personally I don’t worry about it over much, and not only because the main observer in my household can’t hit only one key at a time (on his frequent excursions onto the keyboard) and I have no idea what a cat would do with access anyway! Mainly, I figure that I can type it so quickly that even counting the characters would be very difficult… :grin:

Yeah, I am aware of this. This is a loop-hole in my logic. :stuck_out_tongue: I just really like being able to see that I’m actually typing something. :smiley:

Yes, just put a file in that directory. It doesn’t matter what it is called or what extension it has. Generally, you would name it something that describes what it is like passwordfeedback

After you create it, ensure it has appropriate permissions like this:

sudo chown root:root `/etc/sudoers.d/passwordfeedback`
sudo chmod ug=r,o-rwx `/etc/sudoers.d/passwordfeedback`

No! Doing that defeats the whole purpose of using that method. Just add a new file for each group of changes. The idea is that the changes are modular and easy to find. You should give them a meaningful name that describes the contents.

Fair enough. I just didn’t think of a 2 line file being hard to find things in, but the meaningful names thing is the smarter way to go…

If anyone were actually worried about this length thing, it wouldn’t be terribly difficult to randomly throw more than 1 character per keystroke to the screen on entry - the resultant (inevitably longer) display would be quite misleading enough, I would think. It would still provide feedback that someth8ing was being typed, and complete removal for a restart would also be obvious :grin:

You would still know the minimum and maximum password length with this strategy. So, if you were actually worried about password length knowledge, you wouldn’t use a screen indicator anyway. :wink:

Personally, I have actually never thought about missing password asterisks before this thread; that’s what got me interested and why I posted a possible solution.
I appreciate that I learned not editing sudoers directly; adding changes as individual files. May come in handy at some point. :slightly_smiling_face:
But concerning the password asterisks, I have a very long luks password, which I occasionally get wrong, but I don’t think the visual feedback of asterisks would actually change that. So I’d personally rather opt for the safer route and not activate these…