Fix “Sorry, try again sudo: 3 incorrect password attempts” in WSL
Fix “Sorry, try again sudo: 3 incorrect password attempts” in WSL
You might have encountered similar errors to the ones below while using Windows Subsystem for Linux (WSL). The two errors demonstrated and FIXED below occur under different but related instances, that trace back to the Linux utility named “sudo“, used for privilege escalation.
When a user in the “sudo” group in some Linux distributions or “wheel” group in other distros, uses the “sudo” utility they are asked to enter their password to escalate privileges for tasks that require administrative permissions.
In the case of our error here, when a NON-ROOT user in either of the groups discussed above runs a “sudo” command, Error 1, is thrown;
e.g.:
sudo apt-get check
sudo su -
Error 1:
Sorry, try again
Sorry, try again
sudo: 3 incorrect password attempt
On the other hand, when a ROOT user runs a “sudo” command (for whatever reason they would wanna do that), , Error 2, is thrown;
e.g.:
sudo su thetqweb
Error 2:
sudo: account validation failure, is your account locked?
The root cause of Error 1 & 2 above is an error (configuration or dependency) in the package “libcrypt1“. This package is a modern shared library for one-way hashing of passwords in Debian GNU/Linux and all Debian-based Linux distributions. It has support for:- bcrypt-based password hashes; SHA-2-512; SHA-2-256; NTHASH; SUNMD5; MD5; && DES. To find out more about the package/library, check out “https://packages.debian.org/stable/libcrypt1“!
[SOLUTION]
[DOWNLOADING]
To fix the “libcrypt1” configuration/dependency errors, you first need to download the package from Debian server of choice [North America; South America; Asia; Africa; Europe; Oceania];
sudo wget http://http.us.debian.org/debian/pool/main/libx/libxcrypt/libcrypt1_4.4.18-4_amd64.deb -O libcrypt1_4.4.18-4_amd64.deb
To avoid the Certificate Error below, use “http://” instead of “https://” for the “wget” command.
Resolving http.us.debian.org (http.us.debian.org)... 64.50.233.100, 64.50.236.52, 208.80.154.139, ...
Connecting to http.us.debian.org (http.us.debian.org)|64.50.233.100|:443... connected.
The certificate's owner does not match hostname 'http.us.debian.org'
There are ways to verify integrity, provided by Debian, and specific to this package (in case you got your package from elsewhere);
libcrypt1_4.4.18-4_amd64.deb INTEGRITY
Exact Size: 87504 Byte (85.5 kByte)
MD5 checksum: d7fd14a5ed9019abe12024988b23bf30
SHA256 checksum: f617952df0c57b4ee039448e3941bccd3f97bfff71e9b0f87ca6dae15cb3f5ef
[INSTALLING]
Next step involves installing the downloaded package “libcrypt1_4.4.18-4_amd64.deb” using the “dpkg” utility;
dpkg -i Downloads/kali-packages/libcrypt1_4.4.18-4_amd64.deb
The above command did NOT run successfully due to Dependency problems in “libc6“, which was found YET to be configured. Therefore, the NEXT step was to CONFIGURE the affected package.
dpkg --configure libc6
After a successful configuration, the NEXT step was to repeat the INSTALLATION command;
dpkg -i Downloads/kali-packages/libcrypt1_4.4.18-4_amd64.deb
[Proof of Concept (PoC)]
At this point, what was left was just to prove that the problematic commands that resulted in Errors 1 && 2 were now FIXED. Below are commands and their resultant output in screen snips that prove that the FIX WORKED. The first “sudo” command was run as a NON-ROOT user, and the second as a ROOT user.
Error 1 FIXED::
sudo su -
Error 2 FIXED::
sudo su thetqweb
Fix “Sorry, try again sudo: 3 incorrect password attempts” in WSL
Forum [ WSL ] | thetqweb