When running a script via SSH that requires elevated privileges, you may encounter the error sudo: no tty present and no askpass program specified. This happens because sudo needs a terminal (tty) to read the password, but automated SSH sessions do not provide one by default. As a result, sudo cannot prompt for a password, causing the command to fail.
$ ssh user@simplified.guide -- sudo ls user@simplified.guide's password: sudo: no tty present and no askpass program specified
askpass is a program that could automate password input and is normally used to automate SSH login.
A similar error, a terminal is required to read the password, can also occur under these circumstances. This error message indicates that sudo is trying to access a terminal to request the password but cannot proceed because no tty is available. These issues typically arise when executing non-interactive or automated scripts over SSH, where no terminal session is allocated.
sudo could also throw the following error, depending on the version.
sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper
To resolve these errors, configure the SSH client and sudo correctly. Allocating a pseudo-terminal during the SSH session or using an askpass helper to automate password entry can help avoid these problems. These adjustments ensure that sudo works seamlessly in automated environments, preventing command failures due to missing terminal sessions.
Steps to fix sudo: no tty present and no askpass program specified error in SSH:
- Allocate a pseudo-terminal for the SSH session to provide the necessary tty.
$ ssh -t user@example.com -- sudo id user@example.com's password: [sudo] password for user: uid=0(root) gid=0(root) groups=0(root) Connection to example.com closed.
-t Force pseudo-terminal allocation. This can be used to execute arbitrary screen- based programs on a remote machine, which can be very useful, e.g. when implement- ing menu services. Multiple -t options force tty allocation, even if ssh has no local tty.
- Force sudo to read the password from standard input by using --stdin or -S switch.
$ echo "password" | ssh user@example.com -- sudo -S id user@example.com's password: [sudo] password for user: uid=0(root) gid=0(root) groups=0(root)
Your password will be displayed on the stdout and could pose a security risk. pass is the password in this example.
-S, --stdin Write the prompt to the standard error and read the password from the standard input instead of using the terminal device.
- Configure passwordless sudo for the user and command on the SSH server.
$ ssh user@example.com -- sudo id user@example.com's password: uid=0(root) gid=0(root) groups=0(root)
- Install and configure an askpass helper to automate password input if needed.
$ sudo apt-get install ssh-askpass
The askpass program can be used to provide passwords for sudo commands in non-interactive SSH sessions.
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
Comment anonymously. Login not required.