Password necessary in face of sudo

Hi all,

I have logged in successfully via ssh to raspi3 with openhabian as openhabian@openHABianPi.
Afterwards I want to start a pythonscript with 2 parameters like:

openhabian@openHABianPi:~/scripts$ sudo 5 100

But openhabian is asking for the password:

[sudo] password for openhabian:

Only when I supply the password “openhabian” (it is the default password, which I using via ssh)
the script started and is working fine.
When I started the script again, e.g. 1 minute later, no password is necessary.

Is there any solution to skirt the extra inserting of password after starting the script for the first time?

Thanks a lot,

This is default behaviour for sudo, not openhabian related.


sudo visudo

in your ssh session

Add the following line at the end of your file:

openhabian ALL=NOPASSWD: ALL

Save and close sudoers file
You now should (might be after a reboot) be able to use sudo without being asked for entering a password.

Hi Hans-Jörg,

thanks for your response, but it’s not working like expect.
I have added the following row via sudo visudo and rebooted the system again,
but it’s still necessary to put in the pw for openhabian.

User privilege specification

openhabian ALL=(ALL) NOPASSWD: ALL

Allow members of group sudo to execute any command


Best Regards

The entry is wrong, just checked it on one of my machines.

openhabian ALL=NOPASSWD: ALL

is the correct line. Sorry for my mistake. I corrected my first answer.

Hi Hans-Jörg,

I have corrected the entry in:

openhabian ALL=NOPASSWD: ALL

But the behavior is the same, openhabian is asking for a pw.

Strange and I am running out of clues, as this is working on several machines running in my environment.

If openhabian is member of the group sudo, the policy would be overridden by the group policy, as this is defined after users. In fact, it is not a good idea to allow the user to execute all commands without password, it’s better to set this per command, and it’s better not to touch /etc/sudoers att all. Please take a look at /etc/sudouers, if there is a line at the bottom of the file

#includedir /etc/sudoers.d

The number sign is necessary here, this is no comment! If this line exists, you can use the directory to expand sudoers policies:

sudo touch /etc/sudoers.d/nopasswordneeded
sudo chmod 440 /etc/sudoers.d/nopasswordneeded
sudo visudo -f /etc/sudoers.d/nopasswordneeded

now type:

openhabian openHABianPi = (root) NOPASSWD: /usr/bin/python /home/openhabian/scripts/ 5 100

as this is the correct term:

  • openhabian is the user name, the line fits to
  • openHABianPi is the host, the line fits to, so you can limit, from which machine the user can operate.
  • (root) is the user, which can be used to execute the command (otherwise you could use sudo -u anyuser to execute a command as another user, not only root)
  • /usr/bin/python you have to expose the complete path to the command
  • /home/openhabian/scripts/ I’m quite sure you will have to expose the full path to the script file either
  • 5 100 of course, you don’t need to expose the parameters, but it’s possible to do it :wink:

Hi Udo,

sorry for my late response, due to vacation.
Thanks a lot for your extensive comments :slight_smile:
It’s working fine now without any pw prompt.

Best wishes