diff --git a/.env.sample b/.env.sample
index 9c304c844ea7ed402e43d23ff8ac37d5c3fd1b0a..d5570095809dc1861980a2d85915dbb4ee8302e8 100644
--- a/.env.sample
+++ b/.env.sample
@@ -6,7 +6,7 @@ PASS=MON_SUPER_MOT_DE_PASSE
 NAME=kasmVNC
 VNC_USER=kasm
 HOST=kasmVNC.tetras-lab.io
-PORT=6901
+PORT=3001
 UID=1000
 GID=1000
 
@@ -25,4 +25,4 @@ ANACONDA=true
 QGIS=true
 # Should the user have sudo rights
 # **only home is a volume, any modifcation in other FS will be lost**
-SUDO=true
+SUDO=false
diff --git a/docker-compose.yml b/docker-compose.yml
index 8f99852735a343bb12eb4002a3ebec59a68a53f1..96369d5e4562a523222013725abaec772aadc0b9 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -12,7 +12,7 @@ services:
     security_opt:
       - seccomp:unconfined #optional
     volumes:
-      - homedir:/config/:rw
+      - homedir:/config:rw
     environment:
       - PASSWORD=${PASS}
       - ANACONDA=${ANACONDA}
@@ -20,6 +20,7 @@ services:
       - PUID=${UID}
       - PGID=${GID}
       - TZ=${TZ}
+      - SUDO=${SUDO}
     devices:
       - /dev/dri:/dev/dri #optional
 
diff --git a/docker/kasm/Dockerfile b/docker/kasm/Dockerfile
index db88ecf84c60cf170fa97d493d9939fc877d7f17..befc64fcecd653c4bc7486cf53a7048c28ba7f41 100644
--- a/docker/kasm/Dockerfile
+++ b/docker/kasm/Dockerfile
@@ -1,17 +1,10 @@
 FROM lscr.io/linuxserver/webtop:ubuntu-mate as kasmvnc-base
 
-#ENV HOME /home/kasm-default-profile
 ENV STARTUPDIR /custom-cont-init.d
-#ENV INST_SCRIPTS $STARTUPDIR/install
 
-######### Customize Container Here ###########
-
-ARG SPYDER
 ARG QGIS
 ARG ANACONDA
 ARG ANACONDA_VERS=Anaconda3-2024.02-1
-ARG KASM_USER
-
 
 RUN apt-get update && \
     apt-get install -y \
@@ -44,9 +37,4 @@ RUN if [ "$QGIS" = true ] ; then \
 
 COPY custom_startup.sh $STARTUPDIR/custom_startup.sh
 COPY change_password.sh /
-
-# TODO usermod
-# Homedir
-# Sudoer
-# username
-# lecture file for sudo
+COPY lecture /etc/sudoers.lecture
diff --git a/docker/kasm/change_password.sh b/docker/kasm/change_password.sh
index 1e4c694949c6d4d91c79f47c823d20447b790f25..491630b2e1c9ed774e402f9ed6fe0cac81ace6f1 100755
--- a/docker/kasm/change_password.sh
+++ b/docker/kasm/change_password.sh
@@ -1,22 +1,16 @@
 #!/bin/bash
 
 title="Changement du mot de passe"
-password=$(zenity --title="$title" --text="Veuillez entrer votre mot de passe" --entry)
+password=$(zenity --title="$title" --text="Veuillez entrer votre nouveau mot de passe" --entry)
 confirm=$(zenity --title="$title" --text="Veuillez confirmer votre mot de passe" --entry)
 icon="error"
 ok=0
 if [ "$password" == "$confirm" ]; then
     ok=1
-    message=$(echo -e "$password\n$password\n" | kasmvncpasswd -u $KASM_USER -wo 2>&1)
-    if [ $? -eq 0 ]; then
-        # TODO generate htpassword file in /etc/nginx/.htpasswd and copy it to /home/$KASM_USER/.htpasswd
-        cp $HOME/.kasmpasswd $HOME/.kasmpasswd.persist
-        cut -d : -f 1-2 $HOME/.kasmpasswd > $HOME/.nginxpasswd
-        # Restart the VNC server
-        kill $(cat .vnc/*.pid)
-        icon="info"
-        message="Le mot de passe a été changé"
-    fi
+    printf "${CUSTOM_USER}:$(openssl passwd -apr1 ${password})\n" > /etc/nginx/.htpasswd
+    cp /etc/nginx/.htpasswd $HOME/.htpasswd.persist
+    icon="info"
+    message="Le mot de passe a été changé"
 else
     message="La confirmation du mot de passe n'est pas identique au mot de passe"
 fi
diff --git a/docker/kasm/custom_startup.sh b/docker/kasm/custom_startup.sh
index 88335179955546961ccca7e9b38903184d3eb8f5..d849277d8daa5c203069bebec1e34642d932efae 100755
--- a/docker/kasm/custom_startup.sh
+++ b/docker/kasm/custom_startup.sh
@@ -1,5 +1,21 @@
 #!/bin/bash
-VNC_HOME=/home/kasm-user
+
+login=abc
+VNC_HOME=/config
+
+if [ "$SUDO" == "true" ]; then
+    if [ -z "$(grep 'alias sudo' $VNC_HOME)" ]; then
+        echo 'alias sudo="cat /etc/sudoers.lecture; sudo $@"' >> $VNC_HOME/.bashrc
+    fi
+else
+    echo "Removing sudo right to ${CUSTOM_USER}"
+    gpasswd --delete $login sudo
+fi
+
+if [ -f $VNC_HOME/.htpasswd.persist ]; then
+    cp $VNC_HOME/.htpasswd.persist /etc/nginx/.htpasswd
+fi
+chown $PUID:root  /etc/nginx/.htpasswd
 
 # Add changepassword icon
 mkdir -p $VNC_HOME/Desktop
@@ -13,19 +29,18 @@ terminal=true
 EOF
 
 if [ "$ANACONDA" == 'true' ]; then
+    if [ -z "$(grep 'conda init' $VNC_HOME/.bashrc)" ]; then
+        sudo -u $login bash /install/Anaconda3-*.sh -b
+        sudo -u $login $VNC_HOME/anaconda3/bin/conda init
+    fi
 cat <<eof > $VNC_HOME/Desktop/anaconda.desktop
 [Desktop Entry]
 Type=Application
 Name=Anaconda
 Terminal=true
-Icon=$VNC_HOME/anaconda3/lib/python3.8/site-packages/anaconda_navigator/static/images/anaconda.png
+Icon=$(find $VNC_HOME/anaconda3/ -iname anaconda.png | head -n 1)
 Exec=$VNC_HOME/anaconda3/bin/anaconda-navigator
 eof
-
-if [ -z "$(grep 'conda init' $VNC_HOME/.bashrc)" ]; then
-    bash /install/Anaconda3-*.sh -b
-    $VNC_HOME/anaconda3/bin/conda init
-fi
 fi
 
 cat <<eof > $VNC_HOME/Desktop/spyder.desktop
diff --git a/docker/kasm/lecture b/docker/kasm/lecture
new file mode 100644
index 0000000000000000000000000000000000000000..b5a19276557e4836138f2a42566fb4b09fdc2529
--- /dev/null
+++ b/docker/kasm/lecture
@@ -0,0 +1,6 @@
+################################### WARNING ###################################
+Although you have root access, any change to the main file system will be
+dropped upon container restart.
+If you whish to install new softwares please contact the system administrator
+for help.
+###############################################################################
diff --git a/kasm b/kasm
index 99d851cf7e2df7c3d9e522fe2e3c70568b1c0ae8..6fe8182ba1e2de7185c80ff1aeea50ddbee3958b 100755
--- a/kasm
+++ b/kasm
@@ -53,7 +53,7 @@ case $action in
         $compose down $@
         ;;
     "reset_passwd")
-        $cmd rm .htpasswd
+        $cmd rm .htpasswd.persist
         $compose down
         $compose up -d
         ;;