Are you facing the error, sudo: sorry you must have a tty to run sudo?
This guide is for you.
Sudo is a command-line program that allows users to run programs with the security privileges of another user or group which default to the superuser.
In this context, we shall look into how to fix this error on Linux or Unix based systems
Nature of the error sudo: sorry you must have a tty to run sudo ?
Here, TTY stands for teletypewriter. It is a command we use to provide the file name of the terminal connected to the standard input.
For example, /dev/ttys001.
We found that this error occurs when we run the following command:
ssh email@example.com sudo command1 /path/to/file
The error message stated:
sudo: sorry, you must have a tty to run sudo
sudo: no tty present and no askpass program specified
This is common to Fedora, RHEL, CentOS, many other Linux distribution, and Unix-like systems for security concerns as it shows the password in clear text format.
Moving ahead, this error occurs because the sudo command tries to execute a command that requires a tty.
This happens mostly because we run on a Linux distribution with sudo configured by default to require a tty.
Generally, this was a matter of security concern. However, in reality, this does not provide any real security benefit.
We can enforce it by setting Defaults requiretty in the /etc/sudoers.
sudo: sorry you must have a tty to run sudo error - How to resolve this error?
1. Use pseudo tty
In order to avoid this error, we have to run ssh command as follows:
ssh -t hostname sudo command
ssh -t user@hostname sudo command
ssh -t firstname.lastname@example.org sudo command1 /path/to/file
The -t option forces pseudo-tty allocation.
We can use it to execute arbitrary screen-based programs on a remote machine, which can be very useful, for example, when implementing menu services. Multiple -t options force tty allocation, though the ssh has no local tty.
If we encounter the error "Pseudo-terminal will not be allocated because stdin is not a terminal", then we use -tt to force a pseudo-terminal.
If we do not need a pseudo-terminal, then use -T to simply disable pseudo-tty allocation.
2. The requiretty option in the sudoers file
The requiretty if set in sudo config file sudoers, will only run when the user is logged in to a real tty.
When this flag is set, sudo can only run from a login session and not via other means such as cron, shell/perl/python, or cgi-bin scripts.
Edit /etc/sudoers, file:
Find the line that read as follows:
Either comment it out or delete the line:
Eventually, save and close the file.
To run the command without using the -t option, we can use the su command instead of the sudo command:
## NOTE: RHEL/CentOS specific syntax ##
su –session-command="/path/to/command1 arg1 arg2"
## others ##
su -c '/path/to/command1 arg1 arg2'
ssh email@example.com su –session-command="/path/to/command1 arg1 arg2"
ssh firstname.lastname@example.org su -c '/path/to/command1 arg1 arg2'
We can run /scripts/job1 as ibmimedia user using the same syntax:
ssh email@example.com su –session-command=”/scripts/job1 /nas” ibmimedia
ssh firstname.lastname@example.org su ibmimedia -c "/scripts/job1 /nas"
Another option is to use the following syntax:
echo -e "\n"|sudo -S command