sudo: 3 incorrect password attempts - can root see the password in clear text?
Clash Royale CLAN TAG#URR8PPP
up vote
4
down vote
favorite
If some user can't access some command with sudo
3 times, this should be reported to root user in access logserrors..
Can root see these attempts (like passwords tried) in text in the logs?
sudo password security
New contributor
add a comment |Â
up vote
4
down vote
favorite
If some user can't access some command with sudo
3 times, this should be reported to root user in access logserrors..
Can root see these attempts (like passwords tried) in text in the logs?
sudo password security
New contributor
add a comment |Â
up vote
4
down vote
favorite
up vote
4
down vote
favorite
If some user can't access some command with sudo
3 times, this should be reported to root user in access logserrors..
Can root see these attempts (like passwords tried) in text in the logs?
sudo password security
New contributor
If some user can't access some command with sudo
3 times, this should be reported to root user in access logserrors..
Can root see these attempts (like passwords tried) in text in the logs?
sudo password security
sudo password security
New contributor
New contributor
edited 9 mins ago
guntbert
8,835123067
8,835123067
New contributor
asked 2 hours ago
DoanldF
485
485
New contributor
New contributor
add a comment |Â
add a comment |Â
2 Answers
2
active
oldest
votes
up vote
4
down vote
accepted
No, passwords are not logged by default. This would be a security problem, as logs may be read by other administrators, allowing impersonation of the user in case of a slightly mistyped password.
add a comment |Â
up vote
2
down vote
Logging in attempts successful and unsuccesful are logged in
/var/log/auth.log
Example of a succesful attempt:
Oct 23 21:24:01 schijfwereld sudo: rinzwind : TTY=pts/0 ; PWD=/home/rinzwind ; USER=root ; COMMAND=/bin/bash
Oct 23 21:24:01 schijfwereld sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
And unsuccesful:
Oct 23 21:25:33 schijfwereld sudo: pam_unix(sudo:auth): authentication failure; logname= uid=1000 euid=0 tty=/dev/pts/1 ruser=rinzwind rhost= user=rinzwind
Oct 23 21:26:02 schijfwereld sudo: rinzwind : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/rinzwind ; USER=root ; COMMAND=/bin/bash
It logs the failed attempt and logs also the total of 3 wrongly typed passwords.
Passwords for sudo attempts are never shown or stored.
add a comment |Â
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
4
down vote
accepted
No, passwords are not logged by default. This would be a security problem, as logs may be read by other administrators, allowing impersonation of the user in case of a slightly mistyped password.
add a comment |Â
up vote
4
down vote
accepted
No, passwords are not logged by default. This would be a security problem, as logs may be read by other administrators, allowing impersonation of the user in case of a slightly mistyped password.
add a comment |Â
up vote
4
down vote
accepted
up vote
4
down vote
accepted
No, passwords are not logged by default. This would be a security problem, as logs may be read by other administrators, allowing impersonation of the user in case of a slightly mistyped password.
No, passwords are not logged by default. This would be a security problem, as logs may be read by other administrators, allowing impersonation of the user in case of a slightly mistyped password.
answered 1 hour ago
vidarlo
7,47942140
7,47942140
add a comment |Â
add a comment |Â
up vote
2
down vote
Logging in attempts successful and unsuccesful are logged in
/var/log/auth.log
Example of a succesful attempt:
Oct 23 21:24:01 schijfwereld sudo: rinzwind : TTY=pts/0 ; PWD=/home/rinzwind ; USER=root ; COMMAND=/bin/bash
Oct 23 21:24:01 schijfwereld sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
And unsuccesful:
Oct 23 21:25:33 schijfwereld sudo: pam_unix(sudo:auth): authentication failure; logname= uid=1000 euid=0 tty=/dev/pts/1 ruser=rinzwind rhost= user=rinzwind
Oct 23 21:26:02 schijfwereld sudo: rinzwind : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/rinzwind ; USER=root ; COMMAND=/bin/bash
It logs the failed attempt and logs also the total of 3 wrongly typed passwords.
Passwords for sudo attempts are never shown or stored.
add a comment |Â
up vote
2
down vote
Logging in attempts successful and unsuccesful are logged in
/var/log/auth.log
Example of a succesful attempt:
Oct 23 21:24:01 schijfwereld sudo: rinzwind : TTY=pts/0 ; PWD=/home/rinzwind ; USER=root ; COMMAND=/bin/bash
Oct 23 21:24:01 schijfwereld sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
And unsuccesful:
Oct 23 21:25:33 schijfwereld sudo: pam_unix(sudo:auth): authentication failure; logname= uid=1000 euid=0 tty=/dev/pts/1 ruser=rinzwind rhost= user=rinzwind
Oct 23 21:26:02 schijfwereld sudo: rinzwind : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/rinzwind ; USER=root ; COMMAND=/bin/bash
It logs the failed attempt and logs also the total of 3 wrongly typed passwords.
Passwords for sudo attempts are never shown or stored.
add a comment |Â
up vote
2
down vote
up vote
2
down vote
Logging in attempts successful and unsuccesful are logged in
/var/log/auth.log
Example of a succesful attempt:
Oct 23 21:24:01 schijfwereld sudo: rinzwind : TTY=pts/0 ; PWD=/home/rinzwind ; USER=root ; COMMAND=/bin/bash
Oct 23 21:24:01 schijfwereld sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
And unsuccesful:
Oct 23 21:25:33 schijfwereld sudo: pam_unix(sudo:auth): authentication failure; logname= uid=1000 euid=0 tty=/dev/pts/1 ruser=rinzwind rhost= user=rinzwind
Oct 23 21:26:02 schijfwereld sudo: rinzwind : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/rinzwind ; USER=root ; COMMAND=/bin/bash
It logs the failed attempt and logs also the total of 3 wrongly typed passwords.
Passwords for sudo attempts are never shown or stored.
Logging in attempts successful and unsuccesful are logged in
/var/log/auth.log
Example of a succesful attempt:
Oct 23 21:24:01 schijfwereld sudo: rinzwind : TTY=pts/0 ; PWD=/home/rinzwind ; USER=root ; COMMAND=/bin/bash
Oct 23 21:24:01 schijfwereld sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
And unsuccesful:
Oct 23 21:25:33 schijfwereld sudo: pam_unix(sudo:auth): authentication failure; logname= uid=1000 euid=0 tty=/dev/pts/1 ruser=rinzwind rhost= user=rinzwind
Oct 23 21:26:02 schijfwereld sudo: rinzwind : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/rinzwind ; USER=root ; COMMAND=/bin/bash
It logs the failed attempt and logs also the total of 3 wrongly typed passwords.
Passwords for sudo attempts are never shown or stored.
answered 1 hour ago
Rinzwind
199k26381513
199k26381513
add a comment |Â
add a comment |Â
DoanldF is a new contributor. Be nice, and check out our Code of Conduct.
DoanldF is a new contributor. Be nice, and check out our Code of Conduct.
DoanldF is a new contributor. Be nice, and check out our Code of Conduct.
DoanldF is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1086498%2fsudo-3-incorrect-password-attempts-can-root-see-the-password-in-clear-text%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password