sudo: a password is required

Question

I am trying to copy my ssh keys to all the hosts which my script reads from a list, ssh to them and run some yum install commands:

while read f; do
   ssh-copy-id -f myusername@"$f"
   ssh myusername@"$f" '
        yum install -y epel-release
        wget --no-check-certificate https://packages.icinga.org/epel/7/release/noarch/icinga-rpm-release-7-1.el7.centos.noarch.rpm
        sudo -n yum install -y icinga-rpm-release-7-1.el7.centos.noarch.rpm
        yum install -y icinga2  nagios-plugins-all
        rm -rf /etc/icinga2/conf.d/*
        rm -f /etc/icinga2/zones.conf

I get an error:

sudo: a password is required 
bash: line 7: /etc/icinga2/zones.conf: Permission denied

If I add -i (sudo -i) then I will get:

sudo: no tty present and no askpass program specified
bash: line 7: /etc/icinga2/zones.conf: Permission denied

Can you please help?

Thanks

This is not a programming question, and a common FAQ where it's on-topic. Search for the error message on [unix.se] or [su]. If you still need help, you need to be more detailed about what you expect to happen and what's configured in `sudoers`. I recall explaining this problem in response to one of your earlier questions last week. — tripleee, Jul 31 '18 at 16:00

score 1 · Answer 1 · answered Jul 31 '18 at 15:50

1

You aren't running any shells with sudo, so the -i option isn't necessary. What you do need is to drop the -n argument so that sudo can prompt you for a password, tell ssh to provide a terminal for sudo to use for the prompt, and make sure you are using sudo for all the commands that require it.

Something like

while read f; do
   ssh-copy-id -f myusername@"$f"
   ssh -t myusername@"$f" '
        sudo yum install -y epel-release
        wget --no-check-certificate https://packages.icinga.org/epel/7/release/noarch/icinga-rpm-release-7-1.el7.centos.noarch.rpm
        sudo yum install -y icinga-rpm-release-7-1.el7.centos.noarch.rpm
        sudo yum install -y icinga2  nagios-plugins-all
        sudo rm -rf /etc/icinga2/conf.d/*
        sudo rm -f /etc/icinga2/zones.conf
        '

answered Jul 31 '18 at 15:50

chepner

497,756
71
530
681

adding to this answer, if you want to fully automate this, you can do ```echo "$pass" | sudo -S ... ```. – Matias Barrios Jul 31 '18 at 15:54
If you really want to automate this, get `expect`. – Jack Jul 31 '18 at 15:59
Or configure `sudo` on the remote host to run those commands without a password. – chepner Jul 31 '18 at 16:58
@chepner, thanks but I get this error using your solution: sudo: no tty present and no askpass program specified MatiasBarrios - Thank you, your solution works, but that way I'll have to send my password in plain text to each server :-( – Irina I Aug 01 '18 at 15:52
Try with `-ntt` instead of `-t`. You'll need to redirect standard input from `/dev/null` with `-n` anyway, to prevent `ssh` from reading the rest of the loop's input before `read` can be called again, and you'll need `-tt` instead of `-t` to force a pseudoterminal to be allocated, since `ssh` doesn't have one. (It may still fail; I don't fully understand the interaction of the pseudoterminal with `sudo` in this setup.) – chepner Aug 01 '18 at 16:22

sudo: a password is required

1 Answers1