When running a script via SSH that requires elevated privileges, you may encounter the error sudo: no tty present and no askpass program specified. This happens because sudo needs a terminal (tty) to read the password, but automated SSH sessions do not provide one by default. As a result, sudo cannot prompt for a password, causing the command to fail.

$ ssh user@simplified.guide -- sudo ls
user@simplified.guide's password:
sudo: no tty present and no askpass program specified

askpass is a program that could automate password input and is normally used to automate SSH login.

A similar error, a terminal is required to read the password, can also occur under these circumstances. This error message indicates that sudo is trying to access a terminal to request the password but cannot proceed because no tty is available. These issues typically arise when executing non-interactive or automated scripts over SSH, where no terminal session is allocated.

sudo could also throw the following error, depending on the version.

sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper

To resolve these errors, configure the SSH client and sudo correctly. Allocating a pseudo-terminal during the SSH session or using an askpass helper to automate password entry can help avoid these problems. These adjustments ensure that sudo works seamlessly in automated environments, preventing command failures due to missing terminal sessions.

Steps to fix sudo: no tty present and no askpass program specified error in SSH:

  1. Allocate a pseudo-terminal for the SSH session to provide the necessary tty.
    $ ssh -t user@example.com -- sudo id
    user@example.com's password:
    [sudo] password for user:
    uid=0(root) gid=0(root) groups=0(root)
    Connection to example.com closed.
    -t      Force pseudo-terminal allocation.  This
            can be used to execute arbitrary screen-
            based programs on a remote machine, which
            can be very useful, e.g. when implement-
            ing menu services.  Multiple -t options
            force tty allocation, even if ssh has no
                 local tty.
  2. Force sudo to read the password from standard input by using --stdin or -S switch.
    $ echo "password" | ssh user@example.com -- sudo -S id
    user@example.com's password:
    [sudo] password for user:
    uid=0(root) gid=0(root) groups=0(root)

    Your password will be displayed on the stdout and could pose a security risk. pass is the password in this example.

    -S, --stdin Write the prompt to the standard
                error and read the password from
                the standard input instead of using
                the terminal device.
  3. Configure passwordless sudo for the user and command on the SSH server.
    $ ssh user@example.com -- sudo id
    user@example.com's password:
    uid=0(root) gid=0(root) groups=0(root)
  4. Install and configure an askpass helper to automate password input if needed.
    $ sudo apt-get install ssh-askpass

    The askpass program can be used to provide passwords for sudo commands in non-interactive SSH sessions.

Discuss the article:

Comment anonymously. Login not required.