Skip to main content
 

 

Sudo mode

In this article

To confirm access to your account before you perform a potentially sensitive action, GitHub.com prompts for authentication.

About sudo mode

To maintain the security of your account when you perform a potentially sensitive action on GitHub.com, you must authenticate even though you're already signed in. For example, GitHub considers the following actions sensitive because each action could allow a new person or system to access your account.

  • Modification of an associated email address
  • Authorization of a third-party application
  • Addition of a new SSH key

After you authenticate to perform a sensitive action, your session is temporarily in "sudo mode." In sudo mode, you can perform sensitive actions without authentication. GitHub Enterprise Cloud will wait a few hours before prompting you for authentication again. During this time, any sensitive action that you perform will reset the timer.

"sudo" is a reference to a program on Unix systems, where the name is short for "superuser do." For more information, see sudo on Wikipedia.

Confirming access for sudo mode

To confirm access for sudo mode, you can authenticate with your password. Optionally, you can use a different authentication method, like a security key, GitHub Mobile, or a 2FA code.

Confirming access using a security key

You must configure two-factor authentication (2FA) for your account using a security key to confirm access to your account for sudo mode using the security key. For more information, see "Configuring two-factor authentication."

When prompted to authenticate for sudo mode, click Use security key, then follow the prompts.

Screenshot of security key option for sudo mode

Confirming access using GitHub Mobile

You must install and sign into GitHub Mobile to confirm access to your account for sudo mode using the app. For more information, see "GitHub Mobile."

  1. When prompted to authenticate for sudo mode, click Use GitHub Mobile.

    Screenshot of GitHub Mobile option for sudo mode

  2. Open GitHub Mobile. GitHub Mobile will display numbers that you must enter on GitHub.com to approve the request.

    Screenshot of numbers from GitHub Mobile to enter on GitHub Enterprise Cloud to approve sudo mode access

  3. On GitHub Enterprise Cloud, type the numbers displayed in GitHub Mobile.

Confirming access using a 2FA code

You must configure 2FA using a TOTP mobile app or text messages to confirm access to your account for sudo mode using a 2FA code. For more information, see "Configuring two-factor authentication."

When prompted to authenticate for sudo mode, type the authentication code from your TOTP mobile app or the text message, then click Verify.

Screenshot of 2FA code prompt for sudo mode

Confirming access using your password

When prompted to authenticate for sudo mode, type your password, then click Confirm.

Screenshot of password prompt for sudo mode