Throw Insults when a user type the wrong password.
SUDOERS — default SUDO security policy module —— "insults If set, sudo will insult users when they enter an incorrect password. This flag is off by default."
By default, the sudo command prompts an error message on entering the wrong password as such:
$ sudo apt update
[sudo] password for monkey:
"Sorry, try again"
but we can tweak it a little; making it dynamic. Randomly insults the user whenever typing the wrong password.
Sudoers is the default sudo security policy plugin in Linux. System admin. can specify a custom security policy as well as input and output logging plugins. It is managed using the LDAP database or alternatively, the /etc/sudoers file.
Let's open the /etc/sudoers
*Always use visudo
when you need to edit your sudoers file as it has a self-check system that won’t let you screw it up.
$ sudo visudo
and add the following line Defaults insults
to the defaults section:
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
Defaults insults
# Host alias specification
# User alias specification
# Cmnd alias specification
...
..
.
Save and close the file.
Here are some examples:
[sudo] password for monkey:
I fart in your general direction!
[sudo] password for monkey:
When you're walking home tonight, and some homicidal maniac comes after you with a bunch of loganberries, don't come crying to me!
[sudo] password for monkey:
There's nothing wrong with you that an expensive operation can't prolong.
[sudo] password for monkey:
What, what, what, what, what, what, what, what, what, what?
[sudo] password for monkey:
Maybe if you used more than just two fingers...
badpass_message parameter
The badpass_message parameter prints a specific message on the command line. (the default message is sorry, try again
) As with anything in Linux it can be altered via sudo visudo
and add whatever comes across your mind; we trust you on that!
Defaults badpass_message="Password is wrong, please try again"
Save and close the file.