Thursday, August 13, 2009
Howto Password Protect Grub in Ubuntu / Debian Linux
Some recent posts showing that your linux box is not secure unless you installed a grub Password.
If you are an administrator of a highly sensitive server, you must do it.
To add a password for grub, first you must generate an md5 password hash using the grub-md5-crypt utility: grub-md5-crypt
The command will ask you to enter a password and offer a resulting hash value as shown below:
Password: (enter new password)
Retype password: (repeat password)
$1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0
Add the resulting hash value to the file /boot/grub/menu.lst in the following format:
password --md5 $1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0
To require use of the password for entering single user mode, change the value of the lockalternative variable in the file /boot/grub/menu.lst to true, as shown in the following example.
# lockalternative=true
If you are an administrator of a highly sensitive server, you must do it.
To add a password for grub, first you must generate an md5 password hash using the grub-md5-crypt utility: grub-md5-crypt
The command will ask you to enter a password and offer a resulting hash value as shown below:
Password: (enter new password)
Retype password: (repeat password)
$1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0
Add the resulting hash value to the file /boot/grub/menu.lst in the following format:
password --md5 $1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0
To require use of the password for entering single user mode, change the value of the lockalternative variable in the file /boot/grub/menu.lst to true, as shown in the following example.
# lockalternative=true
0 comments:
Post a Comment