Ubuntu – How to run wireshark, with root-privileges

permissionswireshark

A standard installation of Wireshark doesn't give the program permission to access the network interface.

I suppose I have to run the program with sudo, but do not know how to add it to the icon – if that's the way to do it.

Best Answer

For WireShark there's a better way. The bit that normally needs root is the packet collection application and this can be configured to allow certain people to use it without sudo, gksu, etc.

In a terminal (very important that you're in a terminal, not just the Alt+F2 dialogue) run this:

sudo dpkg-reconfigure wireshark-common

This will ask you if you want to allow non-root user to be able to sniff. That's what we're aiming for, so select Yes and hit return.

Reconfiguring wireshark-common

This adds a wireshark group. Anybody in that group will be able to sniff without being root. This is obviously more secure than just letting anybody sniff but does mean there's no password checking. Technically any person with access to a computer logged in with a wireshark account will be able to sniff. If that's acceptable to you, carry on.

If not, run that again and select no.

Then you just need to add the user to that group. Run this:

sudo adduser $USER wireshark

And restart or log out. When you're back in it should let you start sniffing without any fuss about being root.

Best Answer

Related Solutions

Ubuntu – Wireshark – allow non-root user to sniff USB traffic

Ubuntu – Setting up wireshark for non root user

Related Question