How to Use sudo with SSH

Sometimes it’s necessary to use sudo with ssh. In general, this is a bad idea, however, the method below will keep the password safe and allow using it securely, i.e. not having it show up on the screen or in your shell history.

The procedure below works on any combination of macOS and Linux source and destination machines.

Setting up sudo on the Destination Computer

On macOS, a user with Administrator privileges is allowed to use sudo with their user password. So, no setup is necessary.

On Linux, the user must be in sudo group. After installing some Linux flavors, the user is already in the sudo group. However, when using Debian the root user is enabled and the regular user isn't in the sudo group. Let's fix this:

$ su -
Password:
# adduser $USER sudo
# exit
$ exit
(Login again here) 

You need to exit the $USER shell and login again to pick up the sudo group in your shell.

The sudo password is the $USER password (not the root password). Let's store it in a safe place. Create the file ~/.ssh/pass.txt. Note: the~/.ssh directory should already have permissions of 700, so it is secure.

$ vi ~/.ssh/pass.txt
(enter the password here)
$ chmod 600 ~/.ssh/pass.txt
$ vi ~/.bash_aliases
export PASS="$(cat…