How to set up wireshark to run without root on Debian?

I'm trying to use wireshark on a Debian machine, but when I run it with my non-root user account, it doesn't detect any network interface.

I also tried running wireshark as root, but wireshark tells me this method is insecure.

I also read the FAQ and found "read the file on /usr/shared/wireshark-common/README.Debian file" - I did read that file, but I still don't know what I'm supposed to do.

Solution 1:

By installing Wireshark packages non-root users won't gain rights automatically to capture packets.

You need root privileges to capture traffic with Wireshark (or dumpcap, for that matter). According to the manual you mentioned, it should be possible to add your user to the wireshark group though:

useradd -G wireshark your-user-name

Don't know if that alone will work though. Here's also a guide from Wireshark Blog that explains it a bit more:

sudo -s
groupadd -g wireshark
usermod -a -G wireshark your-user-name
chgrp wireshark /usr/bin/dumpcap
chmod 4750 /usr/bin/dumpcap

That being said, you can safely run Wireshark to inspect, edit or filter packet dumps without root privileges.

Solution 2:

The file is actually /usr/share/doc/wireshark-common/README.Debian.

What you need to do is:

sudo dpkg-reconfigure wireshark-common

Choose the "yes" option.

usermod -a -G wireshark your-user-name

Logout and log back in to pick up the new group membership and you can now run wireshark as a non-root user.