Add `--elevation-program=none` option for passwordless sudo on remote target-host

[songpola]

I have confirmed that this is a bug related to nh

• This is a bug, and not an user error or a support request. I understand that my issue will be closed if it is not a bug in NH.
• I have checked the issues tab and confirmed that my issue has not yet been reported. I understand that my issue will be closed if it is a duplicate.

Description

Currently, the nh os switch --target-host ... asks the [sudo] password for {host}: regardless whether the remote target-host has passswordless sudo or not.

Relevent code

nh/src/commands.rs

Lines 460 to 480 in c215925

	// Prompt for sudo password if needed for remote deployment
	// FIXME: this implementation only covers Sudo. I *think* doas and run0 are
	// able to read from stdin, but needs to be tested and possibly
	// mitigated.
	let sudo_password = if self.ssh.is_some() && self.elevate.is_some() {
	let host = self.ssh.as_ref().unwrap();
	if let Some(cached_password) = get_cached_password(host) {
	Some(cached_password)
	} else {
	let password =
	inquire::Password::new(&format!("[sudo] password for {host}:"))
	.without_confirmation()
	.prompt()
	.context("Failed to read sudo password")?;
	let secret_password = SecretString::new(password.into());
	cache_password(host, secret_password.clone());
	Some(secret_password)
	}
	} else {
	None
	};

Installation Method

Stable Release (nixpkgs, pkgs.nh from nixos-unstable or nixos-yy-mm)

Installation Method (Other)

No response

NH Version

nh 4.2.0

System Information

• system: "x86_64-linux"
• host os: Linux 6.6.87.2-microsoft-standard-WSL2, NixOS, 25.11 (Xantusia), 25.11.20250928.e9f00bd
• multi-user?: yes
• sandbox: yes
• version: nix-env (Nix) 2.28.5
• nixpkgs: /nix/store/jc3mfa7ybzh32bkvdj5xiib1vkx8jy6x-source

[NotAShelf]

Ah I completely forgot to test this while I was adding remote sudo support.

I'll add a none option for the elevation program for the next release.