When your system is rebooted, grub presents the boot option menu. From this menu one can easily login into a single user mode without the password which might result into compromise system security.
For example, anyone can access the data or change the settings. However you can setup a password for grub with password option. This option forces grub to ask for a password before making any changes or entering into single user mode. You need to type p followed by password.
#1: Create A Password For Grub
Type grub-md5-crypt command to create password in MD5 format:# grub-md5-cryptOutput:
Password:
Retype password:
$1$NYoR71$Sgv6pxQ6LG4GXpfihIJyL0
Please note that you need to copy and paste the MD5 password ($1$NYoR71$Sgv6pxQ6LG4GXpfihIJyL0) to your configuration file. Use mouse to copy the same.
#2 Add MD5 Password To Grub Configuration File
Under Debian GNU/Linux the Grub configuration file is located at /boot/grub/menu.lst. (Red Hat / Fedora user use /boot/grub/grub.conf file)# vi /boot/grub/menu.lst
Edit file and add a password line as follows:password --md5 $1$NYoR71$Sgv6pxQ6LG4GXpfihIJyL0
Here is my sample config file:
default 0
timeout 5
password --md5 $1$NYoR71$Sgv6pxQ6LG4GXpfihIJyL0
title Debian GNU/Linux, kernel 2.6.13.4-cust-en-smp
root (hd0,0)
kernel /boot/vmlinuz root=/dev/hda3 ro
savedefault
boot
Save and close the file.
http://www.cyberciti.biz/tips/how-do-i-secure-grub-boot-loader.html
No comments:
Post a Comment