“sudo: sorry, you must have a tty to run sudo” when using sudo in a remote script
Clash Royale CLAN TAG#URR8PPP
up vote
4
down vote
favorite
I want to run a series of sudo-elevated commands on a remote machine from an embedded script. To simplify the question, I'm just trying to run sudo id and get it to tell me that it's root.
I am encountering "sudo: sorry, you must have a tty to run sudo" when I run this script:
#!/bin/bash
ssh -t 192.168.1.100<<EOF
sudo id
EOF
But not when I run this:
#!/bin/bash
ssh -t 192.168.1.100 sudo id
How do I get the first one, with the end-of-file designations for an embedded script to respect the forced tty at the other end of the SSH?
bash ssh sudo
asked Jun 11 '14 at 22:23
Andy
24112
add a comment |
up vote
4
down vote
favorite
I want to run a series of sudo-elevated commands on a remote machine from an embedded script. To simplify the question, I'm just trying to run sudo id and get it to tell me that it's root.
I am encountering "sudo: sorry, you must have a tty to run sudo" when I run this script:
#!/bin/bash
ssh -t 192.168.1.100<<EOF
sudo id
EOF
But not when I run this:
#!/bin/bash
ssh -t 192.168.1.100 sudo id
How do I get the first one, with the end-of-file designations for an embedded script to respect the forced tty at the other end of the SSH?
bash ssh sudo
asked Jun 11 '14 at 22:23
Andy
24112
1
Possible duplicate: unix.stackexchange.com/questions/122616/…
– Christopher
Jun 11 '14 at 22:41
I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
– Andy
Jun 11 '14 at 22:54
also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
– Andy
Jun 11 '14 at 22:55
add a comment |
up vote
4
down vote
favorite
up vote
4
down vote
favorite
I want to run a series of sudo-elevated commands on a remote machine from an embedded script. To simplify the question, I'm just trying to run sudo id and get it to tell me that it's root.
I am encountering "sudo: sorry, you must have a tty to run sudo" when I run this script:
#!/bin/bash
ssh -t 192.168.1.100<<EOF
sudo id
EOF
But not when I run this:
#!/bin/bash
ssh -t 192.168.1.100 sudo id
How do I get the first one, with the end-of-file designations for an embedded script to respect the forced tty at the other end of the SSH?
bash ssh sudo
asked Jun 11 '14 at 22:23
Andy
24112
I want to run a series of sudo-elevated commands on a remote machine from an embedded script. To simplify the question, I'm just trying to run sudo id and get it to tell me that it's root.
I am encountering "sudo: sorry, you must have a tty to run sudo" when I run this script:
#!/bin/bash
ssh -t 192.168.1.100<<EOF
sudo id
EOF
But not when I run this:
#!/bin/bash
ssh -t 192.168.1.100 sudo id
How do I get the first one, with the end-of-file designations for an embedded script to respect the forced tty at the other end of the SSH?
bash ssh sudo
bash ssh sudo
asked Jun 11 '14 at 22:23
Andy
24112
asked Jun 11 '14 at 22:23
Andy
24112
asked Jun 11 '14 at 22:23
Andy
24112
asked Jun 11 '14 at 22:23
Andy
24112
asked Jun 11 '14 at 22:23
Andy
24112
24112
1
Possible duplicate: unix.stackexchange.com/questions/122616/…
– Christopher
Jun 11 '14 at 22:41
I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
– Andy
Jun 11 '14 at 22:54
also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
– Andy
Jun 11 '14 at 22:55
add a comment |
1
Possible duplicate: unix.stackexchange.com/questions/122616/…
– Christopher
Jun 11 '14 at 22:41
I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
– Andy
Jun 11 '14 at 22:54
also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
– Andy
Jun 11 '14 at 22:55
1
1
Possible duplicate: unix.stackexchange.com/questions/122616/…
– Christopher
Jun 11 '14 at 22:41
Possible duplicate: unix.stackexchange.com/questions/122616/…
– Christopher
Jun 11 '14 at 22:41
I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
– Andy
Jun 11 '14 at 22:54
I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
– Andy
Jun 11 '14 at 22:54
also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
– Andy
Jun 11 '14 at 22:55
also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
– Andy
Jun 11 '14 at 22:55
add a comment |
1 Answer
1
active
oldest
votes
up vote
2
down vote
With the first one there is no tty for ssh since stdin is not connected to the terminal, it is a here file. In fact if I try to run a similar command (on Debian) I get the following error:
Pseudo-terminal will not be allocated because stdin is not a terminal.
To get it to work you can do something like:
ssh -tt 192.168.1.100 <<EOF
sudo -S id
password
EOF
Although this is not a good idea since the password will be in plain text.
Update
I stumbled across an easy solution to this that avoids encoding the password in plain text, you can use a graphical program to enter the password:
ssh -X 192.168.1.100 <<EOF
SUDO_ASKPASS=/usr/lib/ssh/x11-ssh-askpass sudo -A id
EOF
Of course the ssh-askpass program must be installed in the given location and you must be running an X session on the machine you are working on. There are a few variations on the ssh-askpass program which should also work (Gnome/KDE versions). Also a graphical sudo replacement program like gksu or kdesudo should do the job too.
answered Jun 11 '14 at 22:33
Graeme
24.8k46296
That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
– Andy
Jun 11 '14 at 22:35
@Andy, yes, it will since there is no actual terminal butsudostill tries to read the password form it. It is possible to use-Sto make it read the password fromstdin(not recommended though), see my edit.
– Graeme
Jun 11 '14 at 22:39
It also outputs the password in clear text and still doesn't run the command.
– Andy
Jun 11 '14 at 22:41
@Andy, I had the same effect, yes. It did run the command though.
– Graeme
Jun 11 '14 at 22:42
The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
– Andy
Jun 11 '14 at 22:48
|
show 5 more comments
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f136676%2fsudo-sorry-you-must-have-a-tty-to-run-sudo-when-using-sudo-in-a-remote-scrip%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
2
down vote
With the first one there is no tty for ssh since stdin is not connected to the terminal, it is a here file. In fact if I try to run a similar command (on Debian) I get the following error:
Pseudo-terminal will not be allocated because stdin is not a terminal.
To get it to work you can do something like:
ssh -tt 192.168.1.100 <<EOF
sudo -S id
password
EOF
Although this is not a good idea since the password will be in plain text.
Update
I stumbled across an easy solution to this that avoids encoding the password in plain text, you can use a graphical program to enter the password:
ssh -X 192.168.1.100 <<EOF
SUDO_ASKPASS=/usr/lib/ssh/x11-ssh-askpass sudo -A id
EOF
Of course the ssh-askpass program must be installed in the given location and you must be running an X session on the machine you are working on. There are a few variations on the ssh-askpass program which should also work (Gnome/KDE versions). Also a graphical sudo replacement program like gksu or kdesudo should do the job too.
answered Jun 11 '14 at 22:33
Graeme
24.8k46296
That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
– Andy
Jun 11 '14 at 22:35
@Andy, yes, it will since there is no actual terminal butsudostill tries to read the password form it. It is possible to use-Sto make it read the password fromstdin(not recommended though), see my edit.
– Graeme
Jun 11 '14 at 22:39
It also outputs the password in clear text and still doesn't run the command.
– Andy
Jun 11 '14 at 22:41
@Andy, I had the same effect, yes. It did run the command though.
– Graeme
Jun 11 '14 at 22:42
The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
– Andy
Jun 11 '14 at 22:48
|
show 5 more comments
up vote
2
down vote
With the first one there is no tty for ssh since stdin is not connected to the terminal, it is a here file. In fact if I try to run a similar command (on Debian) I get the following error:
Pseudo-terminal will not be allocated because stdin is not a terminal.
To get it to work you can do something like:
ssh -tt 192.168.1.100 <<EOF
sudo -S id
password
EOF
Although this is not a good idea since the password will be in plain text.
Update
I stumbled across an easy solution to this that avoids encoding the password in plain text, you can use a graphical program to enter the password:
ssh -X 192.168.1.100 <<EOF
SUDO_ASKPASS=/usr/lib/ssh/x11-ssh-askpass sudo -A id
EOF
Of course the ssh-askpass program must be installed in the given location and you must be running an X session on the machine you are working on. There are a few variations on the ssh-askpass program which should also work (Gnome/KDE versions). Also a graphical sudo replacement program like gksu or kdesudo should do the job too.
answered Jun 11 '14 at 22:33
Graeme
24.8k46296
That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
– Andy
Jun 11 '14 at 22:35
@Andy, yes, it will since there is no actual terminal butsudostill tries to read the password form it. It is possible to use-Sto make it read the password fromstdin(not recommended though), see my edit.
– Graeme
Jun 11 '14 at 22:39
It also outputs the password in clear text and still doesn't run the command.
– Andy
Jun 11 '14 at 22:41
@Andy, I had the same effect, yes. It did run the command though.
– Graeme
Jun 11 '14 at 22:42
The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
– Andy
Jun 11 '14 at 22:48
|
show 5 more comments
up vote
2
down vote
up vote
2
down vote
With the first one there is no tty for ssh since stdin is not connected to the terminal, it is a here file. In fact if I try to run a similar command (on Debian) I get the following error:
Pseudo-terminal will not be allocated because stdin is not a terminal.
To get it to work you can do something like:
ssh -tt 192.168.1.100 <<EOF
sudo -S id
password
EOF
Although this is not a good idea since the password will be in plain text.
Update
I stumbled across an easy solution to this that avoids encoding the password in plain text, you can use a graphical program to enter the password:
ssh -X 192.168.1.100 <<EOF
SUDO_ASKPASS=/usr/lib/ssh/x11-ssh-askpass sudo -A id
EOF
Of course the ssh-askpass program must be installed in the given location and you must be running an X session on the machine you are working on. There are a few variations on the ssh-askpass program which should also work (Gnome/KDE versions). Also a graphical sudo replacement program like gksu or kdesudo should do the job too.
answered Jun 11 '14 at 22:33
Graeme
24.8k46296
With the first one there is no tty for ssh since stdin is not connected to the terminal, it is a here file. In fact if I try to run a similar command (on Debian) I get the following error:
Pseudo-terminal will not be allocated because stdin is not a terminal.
To get it to work you can do something like:
ssh -tt 192.168.1.100 <<EOF
sudo -S id
password
EOF
Although this is not a good idea since the password will be in plain text.
Update
I stumbled across an easy solution to this that avoids encoding the password in plain text, you can use a graphical program to enter the password:
ssh -X 192.168.1.100 <<EOF
SUDO_ASKPASS=/usr/lib/ssh/x11-ssh-askpass sudo -A id
EOF
Of course the ssh-askpass program must be installed in the given location and you must be running an X session on the machine you are working on. There are a few variations on the ssh-askpass program which should also work (Gnome/KDE versions). Also a graphical sudo replacement program like gksu or kdesudo should do the job too.
answered Jun 11 '14 at 22:33
Graeme
24.8k46296
edited Jun 19 '14 at 8:44
answered Jun 11 '14 at 22:33
Graeme
24.8k46296
answered Jun 11 '14 at 22:33
Graeme
24.8k46296
answered Jun 11 '14 at 22:33
Graeme
24.8k46296
24.8k46296
That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
– Andy
Jun 11 '14 at 22:35
@Andy, yes, it will since there is no actual terminal butsudostill tries to read the password form it. It is possible to use-Sto make it read the password fromstdin(not recommended though), see my edit.
– Graeme
Jun 11 '14 at 22:39
It also outputs the password in clear text and still doesn't run the command.
– Andy
Jun 11 '14 at 22:41
@Andy, I had the same effect, yes. It did run the command though.
– Graeme
Jun 11 '14 at 22:42
The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
– Andy
Jun 11 '14 at 22:48
|
show 5 more comments
That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
– Andy
Jun 11 '14 at 22:35
@Andy, yes, it will since there is no actual terminal butsudostill tries to read the password form it. It is possible to use-Sto make it read the password fromstdin(not recommended though), see my edit.
– Graeme
Jun 11 '14 at 22:39
It also outputs the password in clear text and still doesn't run the command.
– Andy
Jun 11 '14 at 22:41
@Andy, I had the same effect, yes. It did run the command though.
– Graeme
Jun 11 '14 at 22:42
The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
– Andy
Jun 11 '14 at 22:48
That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
– Andy
Jun 11 '14 at 22:35
That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
– Andy
Jun 11 '14 at 22:35
@Andy, yes, it will since there is no actual terminal but
sudo still tries to read the password form it. It is possible to use -S to make it read the password from stdin (not recommended though), see my edit.– Graeme
Jun 11 '14 at 22:39
@Andy, yes, it will since there is no actual terminal but
sudo still tries to read the password form it. It is possible to use -S to make it read the password from stdin (not recommended though), see my edit.– Graeme
Jun 11 '14 at 22:39
It also outputs the password in clear text and still doesn't run the command.
– Andy
Jun 11 '14 at 22:41
It also outputs the password in clear text and still doesn't run the command.
– Andy
Jun 11 '14 at 22:41
@Andy, I had the same effect, yes. It did run the command though.
– Graeme
Jun 11 '14 at 22:42
@Andy, I had the same effect, yes. It did run the command though.
– Graeme
Jun 11 '14 at 22:42
The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
– Andy
Jun 11 '14 at 22:48
The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
– Andy
Jun 11 '14 at 22:48
|
show 5 more comments
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f136676%2fsudo-sorry-you-must-have-a-tty-to-run-sudo-when-using-sudo-in-a-remote-scrip%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
Possible duplicate: unix.stackexchange.com/questions/122616/…
– Christopher
Jun 11 '14 at 22:41
I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
– Andy
Jun 11 '14 at 22:54
also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
– Andy
Jun 11 '14 at 22:55