Senin, 03 Desember 2012

How to password protect GRUB



To password protect grub from illegal access, first create an MD5 hash for the password using the command grub-md5-crypt. Enter the password and again retype the password when prompted.

[root@localhost ~]# grub-md5-crypt
Password:
Retype password:
$1$4Onh4/$5TkWggMpA2u17k7IOA5Hi1
[root@localhost ~]#

Copy the hash generated by "grub-md5-crypt" command and use it in the grub.conf file as shown below.

### Beginning of grub.conf ###

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/sda2
# initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
password --md5 $1$4Onh4/$5TkWggMpA2u17k7IOA5Hi1
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu

#####First Operating System#####

title Red Hat Enterprise Linux Server (2.6.18-8.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-8.el5 ro root=LABEL=/ rhgb quiet
initrd /initrd-2.6.18-8.el5.img

#####Second Operating System#####

title RedHat Operating System 2
root(hd1,0)
kernel /vmlinuz-2.6.18-8.el5 ro root=/dev/sdb2 rhgb quiet
initrd /initrd-2.6.18-8.el5.img

### End of grub.conf ###

When you boot the machine next time, press "p" at the grub menu to enter the password and edit the grub menu.

Tidak ada komentar:

Poskan Komentar