{"id":47255,"date":"2024-09-20T09:46:11","date_gmt":"2024-09-20T09:46:11","guid":{"rendered":"https:\/\/ubuntuhandbook.org\/?p=47255"},"modified":"2024-09-21T11:09:35","modified_gmt":"2024-09-21T11:09:35","slug":"disable-password-authentication-ubuntu","status":"publish","type":"post","link":"https:\/\/ubuntuhandbook.org\/index.php\/2024\/09\/disable-password-authentication-ubuntu\/","title":{"rendered":"Disable Password Authentication Popups in Ubuntu 24.04"},"content":{"rendered":"

\"\"<\/a><\/p>\n

When launching some apps (e.g., GParted, Synaptic, or Grub Customizer), install\/uninstall packages with App Center or Software Updater, it always pops-up a dialog asking for admin password to authenticate.<\/p>\n

This is great for security! But for lazy men<\/del> those who don’t want to type user password again and again after logged in (or unlocked screen), it may be OK to disable the authentication window when using their computers at home or other safe places.<\/p>\n

\"\"<\/a>

Password Authentication Pop-up in Ubuntu<\/p><\/div>\n

<\/p>\n

NOTE 1: For security, it’s NOT recommended to disable the authentication. You MUST know what you’re going to do, and do it at your own risk!<\/b><\/p>\n

NOTE 2: This tutorial is tested and works on Ubuntu 24.04 and Debian 12. It should also work in Linux Mint 22, but NOT for Ubuntu 22.04 and earlier.<\/b><\/p>\n

About Polkit:<\/h3>\n

Ubuntu and many other Linux use polkit<\/a> for controlling system-wide privileges. It’s an authentication framework that provides a finer control of access rights for graphical desktop environments.<\/p>\n

When a graphical application need to do a registered action that requires admin\/root permission, polkit can control which user (or user in which group) that runs the app is authorized with or without password authentication.<\/p>\n

Unlike sudo<\/code> for command line, polkit does not grant root permission to an entire process, but allows specific privileges to a user or group on an as-needed basis.<\/p>\n

And, here I’m going to show you how to configure polkit to disable password authentication for either global or specific actions, when running with certain user or group.<\/p>\n

Option 1: Disable Password Authentication Globally for Certain Users<\/h3>\n

NOTE: Option 1 and option 2 do NOT stop your system from asking password when running sudo<\/code> command in terminal. It only works for graphical authentication pop-ups! See option 3 if you need for sudo command.<\/p>\n

1.<\/b> First, press Ctrl+Alt+T<\/code> on keyboard to open up a terminal window. When it opens, run command create & edit a config file under \/etc\/polkit-1\/rules.d\/<\/code> directory:<\/p>\n

sudo gnome-text-editor \/etc\/polkit-1\/rules.d\/49-nopasswd_global.rules<\/pre>\n
For non-GNOME desktop, replace gnome-text-editor<\/code> in command with your favorite text editor, or use nano<\/code> that works in most desktops.<\/i><\/p>\n
\"\"<\/a><\/p>\n
2.<\/b> When file opens, add the lines below and replace user “ji” to yours<\/b>:<\/p>\n
\/* Allow members in \"ji\" group to execute any actions\r\n * without password authentication.\r\n *\/\r\npolkit.addRule(function(action, subject) {\r\n    if (subject.isInGroup(\"ji\")) {\r\n        return polkit.Result.YES;\r\n    }\r\n});<\/pre>\n
In the code above, it adds a rule for all registered actions, while:<\/p>\n