Shell – sudo over ssh: no tty present and no askpass program specified

shellsshsudo

I keep getting this error and have tried several ways discussed online to fix this and none are working for me. I have setup SSH keys so when I run 'ssh newton@host.com' it automatically logs me in, I have also set this user in visudo to be 'newton ALL=(ALL:ALL) ALL'
I then also tried to add 'newton ALL=NOPASSWD: /var/www/script.sh'

Unfortunately, every time I run ssh newton@host.com 'sudo /var/www/script.sh' from Cygwin I get back. I have also tried to add -t -t but then it prompts me for the password.

total size is 21209180  speedup is 314.69
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: 3 incorrect password attempts
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: 3 incorrect password attempts

Best Answer

You need to have a terminal available to run sudo so that it can prompt you for the password. If you pass a command to ssh, it assumes that the command doesn't need a terminal and doesn't create one, unless you pass -t. See SSH inside SSH fails with "stdin: is not a tty" for a more detailed explanation.

If you aren't able to enter the password even with -t, it's possible that your problem is due to Windows. The Windows console does not completely emulate a unix terminal; there may be some difficulty for Cygwin applications to properly emulate a terminal in these circumstances (I'm not sure about that, note). If that's the problem, run ssh inside a terminal emulator such as Console2 or Mintty (included in the Cygwin distribution) — see Best way to use a shell with Cygwin in Windows 7.

If you expected the SSH passphrase to replace your password for authentication to sudo, that's not going to happen. Sudo requires a password (unless you add the NOPASSWD tag in the sudoers file). Note that you still need to have a terminal, even with NOPASSWD, if the requiretty option is set in the sudoers file.

If you want passwordless login up to the root account (which is generally not a good idea from a security perspective), use SSH to reach the root account, preferably in two hops. See SSH inside SSH fails with "stdin: is not a tty" (with root@host.com for otheruser@computertwo.com).

Related Solutions

Shell – Execute Shell Script from PHP as Root User

For security reasons you should never try to execute something with the user www-data with more privileges than it naturally has. There was a reason why some times ago the Apache access was moved to www-data. If you need to do something on your machine as root - and changing passwords or creating accounts is this 'something' - you should build an interface. Let the php-script put something somewhere and scan this via scripts executed from root and handle it there. You could f.e. create a file containing the users to add in a directory where www-data has access, and then perform this via root-cronjob every 5 minutes (or less) and move the file to a done-folder with timestamp to have control over what is happening.

SSH – How to DD a Remote Disk Using SSH and Save to Local Disk

If your intent is to backup a remote computer's HDD A via SSH to a single file that's on your local computer's HDD, you could do one of the following.

Examples

run from remote computer

$ dd if=/dev/sda | gzip -1 - | ssh user@local dd of=image.gz

run from local computer

$ ssh user@remote "dd if=/dev/sda | gzip -1 -" | dd of=image.gz

Live example

$ ssh skinner "dd if=/dev/sda5 | gzip -1 -" | dd of=image.gz
208782+0 records in
208782+0 records out
106896384 bytes (107 MB) copied, 22.7608 seconds, 4.7 MB/s
116749+1 records in
116749+1 records out
59775805 bytes (60 MB) copied, 23.9154 s, 2.5 MB/s

$ ll | grep image.gz
-rw-rw-r--.   1 saml saml  59775805 May 31 01:03 image.gz

Methods for monitoring?

Login via ssh in another terminal and ls -l the file to see what it's size is.
You can use pv to monitor the progress of a large dd operation, for instance, for the remote example above, you can do:
```
$ dd if=/dev/sda | gzip -1 - | pv | ssh user@local dd of=image.gz
```
Send a "SIGUSR1" signal to dd and it will print stats. Something like:
```
$ pkill -USR1 dd
```

References

The methods mentioned above for monitoring were originally left via comments by @Ryan & @bladt and myself. I've moved them into the answer to make them more obvious.