8_hxog
Last Updated: February 25, 2016
·
786
· passy

Removing the delay when entering an incorrect sudo password

Delays can be massively useful to counter brute-force attacks. The difference between 0s and 2s in delay can translate into a maximum of 30 attempts and millions of attempts per minute. However, in sudo's case the wait when fat-fingering my password breaks my focus way too often, which is why I wanted to disable it. Luckily, it's only one word you have to add to a file.

Find these lines in your /etc/pam.d/common-auth:

# here are the per-package modules (the "Primary" block)
auth [success=1 default=ignore] pam_unix.so nullok_secure

And append the word nodelay to the second line. Done. Enjoy your wait-free fat-fingering experience.

Note: Please be sure to only apply this on your local, low-risk machines and never on a server.