Skip to content
Skip to main navigation
Skip to first column
Skip to second column

GenerationIP

Just for you

Home

Howto protect your grub with a password

Howto protect your grub with a password

Wednesday, 02 December 2009 23:07 Fabien FAYE

E-mail

Print

PDF

Type : System
Operating System : Redhat,Fedora,Centos

In this article, i explain you how to protect your grub with a password.This action must be made to secure the access of your data and reduce the chance to reboot your server in INIT 1 or in recovery mode.

INSTALL

You must be root to do this action.

Generate your password in the good format (use a strong password):

#/sbin/grub-md5-crypt
Password:
Retype password:
$1$tfQcK/$8ClWUjUmCwHCcwtT3E6W.1

Now you have your password encrypted in MD5 hash format.

You have to edit grub configuration file /boot/grub/grub.conf and paste the line in blue with your hash password.

default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-164.el5)

root (hd0,0)
kernel /vmlinuz-2.6.18-164.el5 ro root=/dev/VolGroup01/LogVol00
initrd /initrd-2.6.18-164.el5.img
password --md5 $1$tfQcK/$8ClWUjUmCwHCcwtT3E6W.1

Warning :

Unfortunately, this solution does not prevent an attacker from booting into an insecure operating system in a dual-boot environment.

Last Updated on Saturday, 30 January 2010 22:31

Follow us on Twitter

Main Menu

Direct Tools

Visitor Data

Your IP
38.107.179.228

United States :
Browser

Unknown Browser
Operating System

Unknown Operating System

Share this article:

Add to: Mr. Wong

Add to: Webnews

Add to: Icio

Add to: Oneview

Add to: Kledy.de Social Bookmarking

Add to: FAV!T Social Bookmarking

Add to: Favoriten.de

Add to: Seekxl

Add to: Social Bookmark Portal

Add to: BoniTrust

Add to: Power-Oldie

Add to: Bookmarks.cc

Add to: Newskick

Add to: Newsider

Add to: Linksilo

Add to: Readster

Add to: Yigg

Add to: Linkarena

Add to: Digg

Add to: Del.icoi.us

Add to: Reddit

Add to: Jumptags

Add to: Upchuckr

Add to: Simpy

Add to: StumbleUpon

Add to: Slashdot

Add to: Netscape

Add to: Furl

Add to: Yahoo

Add to: Blogmarks

Add to: Diigo

Add to: Technorati

Add to: Newsvine

Add to: Blinkbits

Add to: Ma.Gnolia

Add to: Smarking

Add to: Netvouz

Add to: Folkd

Add to: Spurl

Add to: Google

Add to: Blinklist

Information

GenerationIP Links

GenerationIP Forum
GenerationIP Mobile

Generationip Clouds

.ssh /etc/hosts.deny 99.999 Linux Network aaaa address adress adresse afnic apnic authority bandwidth best btrfs bulk cacti centos check chmod chown command compress connection desktop device domain domaine name downtime dump export ext3 fedora five nine generation genip graph grub.conf howto id_dsa id_rsa ifconfig info install installation internet ipv4 ipv6 kernel keys libwrap linux microsoft monitor monitoring multicast mysql netmask network nilfs nslookup password percent ping pptp print proto protocol psacct query raid redhat remote restore result route rrdtool second server setup ssh-keygen syntaxe tcp_wrapper template templates thold time request tool tools trace traceroute tracert tty terminal uncompress update uptime utils version whois windows

GenerationIP DNS

Search for free Internet domains

Latest News

Popular

Newsflash

New list of cacti templates for Mikrotik

After a long time without new pages of cacti, i have added a new page with the best cacti templates for mikrotik product just here.