"sudo" command executed with JSch requires password, even when the password is not required in an interactive SSH session

Question

From Linux command shell I can make SSH connection to our CentOS machine using user ABC. After successful SSH connection, I can run sudo command and no password is required.

sudo /usr/bin/rootsh -i -u root

In JSch program, I make am SSH connection using user ABC and then execute the above command, but it asks me:

[sudo] password for [**ABC**]

I am opening a channel using the following code:

session.openChannel("exec");

I do not understand why it asks for password even no password is required. Also it asks password for ABC, but in my sudo command I have specified user root.

How can I solve this problem?

Answer 1

There's requiretty option in sudoers that you have most probably set.

JSch by does not allocate a pseudo terminal for exec channel.

Remove the requiretty option. That's the only correct option.

If you cannot remove it, you can force JSch to allocate pseudo terminal by calling:

channelExec.setPty(true);

See also Use JSch sudo example and Channel.setPty for running sudo command on remote host.

But that's not a good option, as it can bring you lot of nasty side effects. Pseudo terminal is intended for an interactive use, not for automating command execution.

For some examples, see

• Is there a simple way to get rid of junk values that come when you SSH using Python's Paramiko library and fetch output from CLI of a remote machine?
• Remove of unwanted characters when I am using JSch to run command
• Removing shell stuff (like prompts) from command output in JSch

And the same is true to sudo. You should not automate sudo. The correct solution is to setup a dedicated private key with only privileges needed for your task.