“sudo: sorry, you must have a tty to run sudo” when using sudo in a remote script

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
4
down vote

favorite












I want to run a series of sudo-elevated commands on a remote machine from an embedded script. To simplify the question, I'm just trying to run sudo id and get it to tell me that it's root.



I am encountering "sudo: sorry, you must have a tty to run sudo" when I run this script:



#!/bin/bash
ssh -t 192.168.1.100<<EOF
sudo id
EOF


But not when I run this:



#!/bin/bash
ssh -t 192.168.1.100 sudo id


How do I get the first one, with the end-of-file designations for an embedded script to respect the forced tty at the other end of the SSH?










share|improve this question

















  • 1




    Possible duplicate: unix.stackexchange.com/questions/122616/…
    – Christopher
    Jun 11 '14 at 22:41










  • I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
    – Andy
    Jun 11 '14 at 22:54











  • also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
    – Andy
    Jun 11 '14 at 22:55














up vote
4
down vote

favorite












I want to run a series of sudo-elevated commands on a remote machine from an embedded script. To simplify the question, I'm just trying to run sudo id and get it to tell me that it's root.



I am encountering "sudo: sorry, you must have a tty to run sudo" when I run this script:



#!/bin/bash
ssh -t 192.168.1.100<<EOF
sudo id
EOF


But not when I run this:



#!/bin/bash
ssh -t 192.168.1.100 sudo id


How do I get the first one, with the end-of-file designations for an embedded script to respect the forced tty at the other end of the SSH?










share|improve this question

















  • 1




    Possible duplicate: unix.stackexchange.com/questions/122616/…
    – Christopher
    Jun 11 '14 at 22:41










  • I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
    – Andy
    Jun 11 '14 at 22:54











  • also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
    – Andy
    Jun 11 '14 at 22:55












up vote
4
down vote

favorite









up vote
4
down vote

favorite











I want to run a series of sudo-elevated commands on a remote machine from an embedded script. To simplify the question, I'm just trying to run sudo id and get it to tell me that it's root.



I am encountering "sudo: sorry, you must have a tty to run sudo" when I run this script:



#!/bin/bash
ssh -t 192.168.1.100<<EOF
sudo id
EOF


But not when I run this:



#!/bin/bash
ssh -t 192.168.1.100 sudo id


How do I get the first one, with the end-of-file designations for an embedded script to respect the forced tty at the other end of the SSH?










share|improve this question













I want to run a series of sudo-elevated commands on a remote machine from an embedded script. To simplify the question, I'm just trying to run sudo id and get it to tell me that it's root.



I am encountering "sudo: sorry, you must have a tty to run sudo" when I run this script:



#!/bin/bash
ssh -t 192.168.1.100<<EOF
sudo id
EOF


But not when I run this:



#!/bin/bash
ssh -t 192.168.1.100 sudo id


How do I get the first one, with the end-of-file designations for an embedded script to respect the forced tty at the other end of the SSH?







bash ssh sudo






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Jun 11 '14 at 22:23









Andy

24112




24112







  • 1




    Possible duplicate: unix.stackexchange.com/questions/122616/…
    – Christopher
    Jun 11 '14 at 22:41










  • I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
    – Andy
    Jun 11 '14 at 22:54











  • also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
    – Andy
    Jun 11 '14 at 22:55












  • 1




    Possible duplicate: unix.stackexchange.com/questions/122616/…
    – Christopher
    Jun 11 '14 at 22:41










  • I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
    – Andy
    Jun 11 '14 at 22:54











  • also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
    – Andy
    Jun 11 '14 at 22:55







1




1




Possible duplicate: unix.stackexchange.com/questions/122616/…
– Christopher
Jun 11 '14 at 22:41




Possible duplicate: unix.stackexchange.com/questions/122616/…
– Christopher
Jun 11 '14 at 22:41












I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
– Andy
Jun 11 '14 at 22:54





I can't change the /etc/sudoers to remove the requiretty and I'm required to use a password to elevate with sudo.
– Andy
Jun 11 '14 at 22:54













also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
– Andy
Jun 11 '14 at 22:55




also, I am already using the -t option on my ssh, it just that the embedded script within the EOF tags isn't respecting the forced tty
– Andy
Jun 11 '14 at 22:55










1 Answer
1






active

oldest

votes

















up vote
2
down vote













With the first one there is no tty for ssh since stdin is not connected to the terminal, it is a here file. In fact if I try to run a similar command (on Debian) I get the following error:




Pseudo-terminal will not be allocated because stdin is not a terminal.




To get it to work you can do something like:



ssh -tt 192.168.1.100 <<EOF
sudo -S id
password
EOF


Although this is not a good idea since the password will be in plain text.



Update



I stumbled across an easy solution to this that avoids encoding the password in plain text, you can use a graphical program to enter the password:



ssh -X 192.168.1.100 <<EOF
SUDO_ASKPASS=/usr/lib/ssh/x11-ssh-askpass sudo -A id
EOF


Of course the ssh-askpass program must be installed in the given location and you must be running an X session on the machine you are working on. There are a few variations on the ssh-askpass program which should also work (Gnome/KDE versions). Also a graphical sudo replacement program like gksu or kdesudo should do the job too.






share|improve this answer






















  • That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
    – Andy
    Jun 11 '14 at 22:35











  • @Andy, yes, it will since there is no actual terminal but sudo still tries to read the password form it. It is possible to use -S to make it read the password from stdin (not recommended though), see my edit.
    – Graeme
    Jun 11 '14 at 22:39










  • It also outputs the password in clear text and still doesn't run the command.
    – Andy
    Jun 11 '14 at 22:41










  • @Andy, I had the same effect, yes. It did run the command though.
    – Graeme
    Jun 11 '14 at 22:42










  • The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
    – Andy
    Jun 11 '14 at 22:48










Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f136676%2fsudo-sorry-you-must-have-a-tty-to-run-sudo-when-using-sudo-in-a-remote-scrip%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
2
down vote













With the first one there is no tty for ssh since stdin is not connected to the terminal, it is a here file. In fact if I try to run a similar command (on Debian) I get the following error:




Pseudo-terminal will not be allocated because stdin is not a terminal.




To get it to work you can do something like:



ssh -tt 192.168.1.100 <<EOF
sudo -S id
password
EOF


Although this is not a good idea since the password will be in plain text.



Update



I stumbled across an easy solution to this that avoids encoding the password in plain text, you can use a graphical program to enter the password:



ssh -X 192.168.1.100 <<EOF
SUDO_ASKPASS=/usr/lib/ssh/x11-ssh-askpass sudo -A id
EOF


Of course the ssh-askpass program must be installed in the given location and you must be running an X session on the machine you are working on. There are a few variations on the ssh-askpass program which should also work (Gnome/KDE versions). Also a graphical sudo replacement program like gksu or kdesudo should do the job too.






share|improve this answer






















  • That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
    – Andy
    Jun 11 '14 at 22:35











  • @Andy, yes, it will since there is no actual terminal but sudo still tries to read the password form it. It is possible to use -S to make it read the password from stdin (not recommended though), see my edit.
    – Graeme
    Jun 11 '14 at 22:39










  • It also outputs the password in clear text and still doesn't run the command.
    – Andy
    Jun 11 '14 at 22:41










  • @Andy, I had the same effect, yes. It did run the command though.
    – Graeme
    Jun 11 '14 at 22:42










  • The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
    – Andy
    Jun 11 '14 at 22:48














up vote
2
down vote













With the first one there is no tty for ssh since stdin is not connected to the terminal, it is a here file. In fact if I try to run a similar command (on Debian) I get the following error:




Pseudo-terminal will not be allocated because stdin is not a terminal.




To get it to work you can do something like:



ssh -tt 192.168.1.100 <<EOF
sudo -S id
password
EOF


Although this is not a good idea since the password will be in plain text.



Update



I stumbled across an easy solution to this that avoids encoding the password in plain text, you can use a graphical program to enter the password:



ssh -X 192.168.1.100 <<EOF
SUDO_ASKPASS=/usr/lib/ssh/x11-ssh-askpass sudo -A id
EOF


Of course the ssh-askpass program must be installed in the given location and you must be running an X session on the machine you are working on. There are a few variations on the ssh-askpass program which should also work (Gnome/KDE versions). Also a graphical sudo replacement program like gksu or kdesudo should do the job too.






share|improve this answer






















  • That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
    – Andy
    Jun 11 '14 at 22:35











  • @Andy, yes, it will since there is no actual terminal but sudo still tries to read the password form it. It is possible to use -S to make it read the password from stdin (not recommended though), see my edit.
    – Graeme
    Jun 11 '14 at 22:39










  • It also outputs the password in clear text and still doesn't run the command.
    – Andy
    Jun 11 '14 at 22:41










  • @Andy, I had the same effect, yes. It did run the command though.
    – Graeme
    Jun 11 '14 at 22:42










  • The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
    – Andy
    Jun 11 '14 at 22:48












up vote
2
down vote










up vote
2
down vote









With the first one there is no tty for ssh since stdin is not connected to the terminal, it is a here file. In fact if I try to run a similar command (on Debian) I get the following error:




Pseudo-terminal will not be allocated because stdin is not a terminal.




To get it to work you can do something like:



ssh -tt 192.168.1.100 <<EOF
sudo -S id
password
EOF


Although this is not a good idea since the password will be in plain text.



Update



I stumbled across an easy solution to this that avoids encoding the password in plain text, you can use a graphical program to enter the password:



ssh -X 192.168.1.100 <<EOF
SUDO_ASKPASS=/usr/lib/ssh/x11-ssh-askpass sudo -A id
EOF


Of course the ssh-askpass program must be installed in the given location and you must be running an X session on the machine you are working on. There are a few variations on the ssh-askpass program which should also work (Gnome/KDE versions). Also a graphical sudo replacement program like gksu or kdesudo should do the job too.






share|improve this answer














With the first one there is no tty for ssh since stdin is not connected to the terminal, it is a here file. In fact if I try to run a similar command (on Debian) I get the following error:




Pseudo-terminal will not be allocated because stdin is not a terminal.




To get it to work you can do something like:



ssh -tt 192.168.1.100 <<EOF
sudo -S id
password
EOF


Although this is not a good idea since the password will be in plain text.



Update



I stumbled across an easy solution to this that avoids encoding the password in plain text, you can use a graphical program to enter the password:



ssh -X 192.168.1.100 <<EOF
SUDO_ASKPASS=/usr/lib/ssh/x11-ssh-askpass sudo -A id
EOF


Of course the ssh-askpass program must be installed in the given location and you must be running an X session on the machine you are working on. There are a few variations on the ssh-askpass program which should also work (Gnome/KDE versions). Also a graphical sudo replacement program like gksu or kdesudo should do the job too.







share|improve this answer














share|improve this answer



share|improve this answer








edited Jun 19 '14 at 8:44

























answered Jun 11 '14 at 22:33









Graeme

24.8k46296




24.8k46296











  • That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
    – Andy
    Jun 11 '14 at 22:35











  • @Andy, yes, it will since there is no actual terminal but sudo still tries to read the password form it. It is possible to use -S to make it read the password from stdin (not recommended though), see my edit.
    – Graeme
    Jun 11 '14 at 22:39










  • It also outputs the password in clear text and still doesn't run the command.
    – Andy
    Jun 11 '14 at 22:41










  • @Andy, I had the same effect, yes. It did run the command though.
    – Graeme
    Jun 11 '14 at 22:42










  • The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
    – Andy
    Jun 11 '14 at 22:48
















  • That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
    – Andy
    Jun 11 '14 at 22:35











  • @Andy, yes, it will since there is no actual terminal but sudo still tries to read the password form it. It is possible to use -S to make it read the password from stdin (not recommended though), see my edit.
    – Graeme
    Jun 11 '14 at 22:39










  • It also outputs the password in clear text and still doesn't run the command.
    – Andy
    Jun 11 '14 at 22:41










  • @Andy, I had the same effect, yes. It did run the command though.
    – Graeme
    Jun 11 '14 at 22:42










  • The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
    – Andy
    Jun 11 '14 at 22:48















That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
– Andy
Jun 11 '14 at 22:35





That doesn't work for me either. I get tcgetattr: Inappropriate ioctl for device
– Andy
Jun 11 '14 at 22:35













@Andy, yes, it will since there is no actual terminal but sudo still tries to read the password form it. It is possible to use -S to make it read the password from stdin (not recommended though), see my edit.
– Graeme
Jun 11 '14 at 22:39




@Andy, yes, it will since there is no actual terminal but sudo still tries to read the password form it. It is possible to use -S to make it read the password from stdin (not recommended though), see my edit.
– Graeme
Jun 11 '14 at 22:39












It also outputs the password in clear text and still doesn't run the command.
– Andy
Jun 11 '14 at 22:41




It also outputs the password in clear text and still doesn't run the command.
– Andy
Jun 11 '14 at 22:41












@Andy, I had the same effect, yes. It did run the command though.
– Graeme
Jun 11 '14 at 22:42




@Andy, I had the same effect, yes. It did run the command though.
– Graeme
Jun 11 '14 at 22:42












The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
– Andy
Jun 11 '14 at 22:48




The answer suggested at serverfault.com/questions/479553/… works for a simple command (like sudo id), but for my more complex scripts, it doesn't interpret correctly.
– Andy
Jun 11 '14 at 22:48

















draft saved

draft discarded
















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f136676%2fsudo-sorry-you-must-have-a-tty-to-run-sudo-when-using-sudo-in-a-remote-scrip%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown






Popular posts from this blog

How to check contact read email or not when send email to Individual?

Displaying single band from multi-band raster using QGIS

How many registers does an x86_64 CPU actually have?