As per this question, unauthorized attempts to sudo are saved in /var/log/auth.log and by default, a mail is sent to /dev/null. Is there any way to prevent that from happening and send the mail to an actual domain?
Asked
Active
Viewed 2,041 times
1
3 Answers
2
You need to setup sudo to write mails as stated on the page you have linked.
In your /etc/sudoers add mailto your@e.mail and the option when to send mails, in your case mail_badpass.
user482705
- 21
- 3
0
Later versions of Ubuntu (at least 21.10) suggest adding sudo configs into the /etc/sudoers.d directory. One can still add this in the /etc/sudoers file (remember to use visudo.)
Succinctly, to do what you want:
/etc/sudoers.d/mail-sysadmin
Defaults mailto="email@example.com"
Will J.
- 1
0
To stop these e-mails when you type a wrong password you could also
- type the correct password
- use a password manager
- use a password-less setup (see https://serverfault.com/a/160587/98708)
I guess you want an e-mail when someone else (e.g. Mallory) is using the wrong password to use sudo.
Cie6ohpa
- 166
sudoersfile? – Jarwin Dec 22 '15 at 17:30mail_badpassin there, so you can just put the your e-mail address before it. – user482705 Jan 05 '16 at 07:39