Our staging server is on an Amazon EC2 instnace. When you ssh into it you can execute a sudo command or sudo su without having to enter a password.

Is there anyway I can require a password from a user when they try a command with sudo? I have a 3rd party dev who needs access and I want to restrict root privileges for them.

I tried setting a password with sudo passwd but I still don't require a password.

~$ sudo passwd root
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
~$ sudo su
/home/ubuntu# exit
~$ sudo passwd
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
~$ sudo su
/home/ubuntu#

UPDATE

I tried requiring the password by running sudo visudo and adding:

ubuntu        ALL=(ALL)       ALL

Now I'm asked for a password but the one which I set does not work! Luckily I created an AMI before I started any of this.

Could the issue be that I don't have a password set for the ubuntu user, I should I have run sudo passwd ubuntu rather than sudo passwd root.

FINAL SOLUTION

Just to clarify, my mistake was that I set the password for the wrong user, I tried to set it for root whereas I should have set it for ubuntu with:

~$ sudo passwd ubuntu

And then updating /etc/sudoers so that the ubuntu user must give their password when running a sudo command. To edit this file you must run sudo visudo and add:

ubuntu        ALL=(ALL)       ALL