Sudo with NOPASSWD: How bad is it?

I had some commands in a drop-in file in /etc/sudoers.d to be run without me giving the sudo password. I bit the bullet. The file is gone. If I have to give the password every time it is needed, so be it. Besides all the dangers mentioned in this thread, I guess the positive side-effect of that would be that it makes me less prone to mess with my system myself. I am becoming more accustomed to using run0 too. Better so, trading a little bit of convenience for more peace of mind.

3 Likes

So here are my two cents. Firstly, your password of 25+ characters is good. Do not reduce it to a 4-digit PIN. :wink:
Secondly, from my reading there is something called password entropy. This determines how difficult it is for a hacker to guess the password or to use brute force to get to the password. Some say anything north of 100 is good to have. But beyond a point, the number of characters added to the password does not increase the strength by that much.
And finally, keep on changing your passwords, say quarterly or half-yearly or yearly, but especially randomly. This is based on your comfort, need and risk profile.

Do let us know how it goes. A blog or a post would be most helpful. I am also considering ditching sudo. doas though looks attractive but has not been maintained well till now. What I like in case of run0 is

  1. Ability to protect the system with various flags
  2. Control which directories can be written to or denied
  3. Control the various Linux capabilities that the program can have access to. Would have to do a lot of learning.

Though I am wondering can pkexec substitute for both sudo and run0.

1 Like

Overall, it’s unlikely (I think) that an average person’s desktop will be overtaken as long as they follow std universal care:

  1. Don’t install random things directly off the wild-nets,
  2. don’t type commands they don’t understand based on what they read somewhere
  3. their routers do run firewalls and NATs, if they use inbound services (or maybe even if they don't),
  4. run configured local firewalls (by which I mean the default is deny and allow only the barest minimum of allowed services),
  5. don't have empty passwords, etc.

I'm sure I'm forgetting a thing or two, but those will probably reduce chances immensely. It's more about the user than about the machine, but it's about both.

2 Likes

Just don’t do it.

I know the feeling, I used to use it on a per-application basis only, so basically I could do "sudo gparted" with no password but still have to use a password if I was running a different command. That's perhaps the least security-compromising way to do it, but it is still quite bad.

Your description of hacking shows a lack of understanding, the whole point here is to make you less hackable, hacking in most cases happens by installing malicious software (viruses) on your pc.

So if you download and execute some binary, and you have sudo with nopasswd enabled, that binary could elevate itself to use administrative privileges to install something like a RAT on your system without you knowing about it, and set it to autostart with your PC, which would then enable the hacker to access all your files from there, and more.

And that’s how you get hacked. Doesn’t even have to be a downloaded binary, could be some malicious javascript code from your browser.

Without that root access, it wouldn’t be able to do this level of harm. And it wouldn’t be able to steal much of your data without you noticing since you would have to upload it somehow, it’d have to be at a trickle of like 1-10kb/s, which means you’d have quite a lot of time to react.

For instance, say, ransomware. It generally won't be able to work without root access, but that nopasswd thing? Makes root access too easy to get.

These are just 2 examples for why you do not want administrative access to be available without a password.

2 Likes
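The two posts above describe the risk in terms of what a NOPASSWD rule hands to any code running as the user. As an added example (not from the thread or from sudo itself), here is a small defender-side audit that parses sudoers-style rules and reports every NOPASSWD grant, separating the per-application form described above (a single command such as gparted) from a blanket `ALL`. The sample drop-in is constructed, and the parser is deliberately simplified (no aliases, `#include` directives or line continuations).

```python
import re
from typing import Dict, List

# Constructed sample drop-in, not taken from any real system. It mixes the
# per-application rule discussed above (gparted only) with a blanket rule.
SAMPLE_SUDOERS = """\
# /etc/sudoers.d/10-local (constructed example)
Defaults  timestamp_timeout=15
alice  ALL=(ALL) NOPASSWD: /usr/sbin/gparted
%wheel ALL=(ALL) NOPASSWD: ALL
bob    ALL=(ALL) ALL
carol  ALL=(root) NOPASSWD: /usr/bin/apt update, /usr/bin/apt upgrade
"""

# who  host = (runas) TAG: TAG: command, command
RULE_RE = re.compile(
    r"^(?P<who>\S+)\s+(?P<host>\S+)\s*=\s*"
    r"(?:\((?P<runas>[^)]*)\)\s*)?"
    r"(?P<tags>(?:\w+:\s*)*)(?P<cmds>.+)$"
)

SKIP_PREFIXES = ("Defaults", "User_Alias", "Cmnd_Alias", "Host_Alias", "Runas_Alias")


def audit_sudoers(text: str) -> List[Dict[str, object]]:
    """Return one finding per NOPASSWD rule; 'blanket' is True when it grants ALL commands."""
    findings: List[Dict[str, object]] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line or line.startswith(SKIP_PREFIXES):
            continue
        m = RULE_RE.match(line)
        if not m:
            continue
        tags = {t.strip().upper() for t in m.group("tags").split(":") if t.strip()}
        if "NOPASSWD" not in tags:
            continue
        cmds = [c.strip() for c in m.group("cmds").split(",")]
        findings.append({
            "who": m.group("who"),
            "runas": m.group("runas") or "root",
            "commands": cmds,
            "blanket": "ALL" in cmds,
        })
    return findings


if __name__ == "__main__":
    for f in audit_sudoers(SAMPLE_SUDOERS):
        level = "BLANKET" if f["blanket"] else "per-command"
        print(f"{level:11} {f['who']} as {f['runas']}: {', '.join(f['commands'])}")
```

Pointing `audit_sudoers` at the contents of each file under /etc/sudoers.d (readable only as root) lists exactly which grants skip the password prompt.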

Yes, I know this concept. I like it and I have actually written my own script to calculate the entropy of my passwords. My Linux password has an entropy of 144. My Bitwarden password has an entropy of 209. A password with entropy 75+ is considered to be strong.

Here is a very good German webpage explaining the concept:

As a rule of thumb:

If a password consists only of digits it needs to be 23 digits long to have an entropy of 75 and 31 digits to have an entropy of 102.

If a password only consists of lower case characters it needs to be 15 characters long to have an entropy of 75 and 22 characters long to have an entropy of 103.

If you mix lower case, upper case, digits and some common special characters the password needs to be 13 characters long to have an entropy of 80 and 17 characters long to reach entropy of 104.

I can only encourage everybody to have this concept in mind when a new password has to be created.

PS
A 4-digit PIN has an entropy of 13 :rofl:

1 Like
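The rule of thumb above is `entropy = length * log2(pool size)`, assuming each character is chosen uniformly at random. As an added example (my own code, not the poster's script), this computes that figure, the minimum length needed to reach a target entropy, and an estimate for an arbitrary password from the character classes it contains; the "mixed" pool assumes 10 common special characters (72 symbols in total), and the per-password estimate assumes the full 32 ASCII punctuation characters.

```python
import math
import string

# Pool sizes behind the figures in the post above. "mixed" assumes
# lower + upper + digits + 10 common special characters = 72.
POOLS = {
    "digits": 10,
    "lowercase": 26,
    "mixed": 26 + 26 + 10 + 10,
}

STRONG_BITS = 75  # threshold quoted in the post


def bits_per_char(pool_size: int) -> float:
    """Entropy contributed by one uniformly random symbol from the pool."""
    return math.log2(pool_size)


def entropy_bits(length: int, pool_size: int) -> float:
    """Entropy of a random password of `length` symbols from `pool_size`."""
    return length * bits_per_char(pool_size)


def min_length(target_bits: float, pool_size: int) -> int:
    """Smallest length whose entropy reaches target_bits."""
    return math.ceil(target_bits / bits_per_char(pool_size))


def estimate_pool(password: str) -> int:
    """Pool size implied by the character classes present. This assumes the
    password is random; dictionary words or patterns make the true entropy far lower."""
    classes = (
        (string.digits, 10),
        (string.ascii_lowercase, 26),
        (string.ascii_uppercase, 26),
        (string.punctuation, len(string.punctuation)),  # 32
    )
    size = sum(n for chars, n in classes if any(c in chars for c in password))
    if size == 0:
        raise ValueError("password contains no recognised characters")
    return size


def estimate_entropy(password: str) -> float:
    return entropy_bits(len(password), estimate_pool(password))


def is_strong(password: str) -> bool:
    return estimate_entropy(password) >= STRONG_BITS
```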

I typically use BitWarden to remember my passwords, but of course the fallacy (of mine) is that I have to have a couple of passwords that I have to remember organically (including the BitWarden master password). I do the best I can, but it’s not gonna be 17 characters long :slight_smile: Unfortunately, mine tend to be about 10 characters. I’m only human after all :slight_smile: Though I do try to use two-factor authentication when practical/available.

Perhaps a passphrase would be a good option. A sentence you would remember. Then you can have upper and lowercase with some digits and special characters inserted here and there.

Seems I would be needing a password manager to remember such a thing :rofl:

2 Likes

The length of the password is the most important factor to password strength.

You should consider to use passphrases instead of passwords. Passphrases consist of full words, eventually combined with digits or special characters. Passphrases are easy to remember even when they are long.

3 Likes

But almost as importantly, the longer the password/passphrase is, the more likely I am to mistype it and lock myself out (been there, hate doing that). This also imposes a practical limit on how long the passwords may be. I would prefer to use a) what I know (password) and b) what I have (authentication device) where supported.
I type fast, but unfortunately, that means less accuracy than someone that pecks at the keys.

1 Like

Yeah, I did the math once, I forgot how exactly I did it, but basically even if you make a passphrase using all dictionary words that's like 20 letters long, it's at the end of the day about as secure as a password of random characters of the same length. The weakness of using dictionary words stops being as big of a weakness when you get past 2 or 3 words.

Best part is you don’t need a password manager to manage passphrases, one key benefit is that they’re easy to remember.

@dbarronoss If you have a problem with mistyping, there are 2 easy solutions.
1: Type at half speed so you have time to double check you’re pressing the right buttons.
2: Make it so you can read the password while you type it so you can catch mistakes with your eyes.

Just one of these will keep you safe.

I've mistyped my 20ish character passphrase a few times, but 3 times in a row? Never. 2 times in a row is the worst I ever did.

1 Like

I’m a touch typist and getting my hands on the wrong keys initially can make gibberish quickly. Yes, if I can see the characters I’m entering that obviates that problem, but you can’t do that everywhere.

1 Like

I am too. Everyone who can type with any speed is. Fair, you can't always see the characters, it's not an option everywhere, but you can always see the keys on your keyboard.

1 Like

Not always

2 Likes

If you need to see the keys, you should not have that keyboard. Simple as.

1 Like

There’s some truth to that, but you could be like me and buy one because it looks cool. No I’m not still using it!

1 Like

I would use it, I would be able to happily use it even. But I don’t see a point going out of my way to get a keyboard without labels on it :laughing: not like the keys being labeled hurts me any.

Although when buying laptops abroad it might actually be a pretty nice option to have, so I don't have labels that don't match my actual keyboard language settings (but it doesn't really matter because I don't rely on labels).

1 Like

How the hell do you type? No wonder you are making mistakes. Get a new keyboard or use a permanent white marker to write the characters out. This is insane. :shaking_face:

You learn to touch type surprisingly quickly but I never got on with it for coding.

1 Like

Back in the early days we used to paint our keyboards. We only needed to make sure we got the starter keys (F,J) correct everything else could just go on. Those were the days. I never look at my keys when I’m typing but that is because that was how we were taught back then.

1 Like