I want terminals to show **** when I type a password. I have tried the method that web search results said: “etc/sudoer”. The problem is that it only worked for “sudo”. It did not work for other commands like “passwd” or when I tried to log in over SSH.
Is there a universal way to enable it, or do I have to enable for each app?
There is no universal way. The default is still: no pw feedback, since it is a security issue (observer can see the password lenght and browsers also restrict the viewable Asterisks). So if possible, you must explicitly enable it. But passwd has not such a option and at pam this possibility has been removed.
Thanks, but isn’t kind of an overprotection? Who exactly would be the “observer”? Someone behind my back? If it is meant to be some hacker over the Internet recording my screen, isn’t it far more efficient to capture my keyboard input and send that data over the Internet than the full recording of my screen which would take a lot of bandwidth so that I may notice it?
Just to note: Any input on the terminal can be recorded easily. If you would run:
cat | sudo passwd user
Then the password will be viewable and can be recorded without root permissions. Example: asciinema 
Also Asterisks reveal the password lenght, thus it helps the attacker reducing time on cracking the password.
Hiding the password on the terminal is the best practice here, since it eliminates this possibility.
A keylogger must have root privs to read the binary data and convert it.
Binary raw output:
sudo cat /dev/input/event2
Therefore, the attacker MUST get root privs to get your keyboard I/O.
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.