//
you're reading...
linux security

Howto : Password Protect Grub in Ubuntu/Debian Linux


Some recent posts showing that your linux box is not secure unless you installed a grub Password.
If you are an administrator of a highly sensitive server, you must do it.
To add a password for grub, first you must generate an md5 password hash using the grub-md5-crypt utility: grub-md5-crypt

The command will ask you to enter a password and offer a resulting hash value as shown below:

Password: (enter new password)
Retype password: (repeat password)
$1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0

Add the resulting hash value to the file /boot/grub/menu.lst in the following format:

password –md5 $1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0

To require use of the password for entering single user mode, change the value of the lockalternative variable in the file /boot/grub/menu.lst to true, as shown in the following example.

# lockalternative=true

Advertisements

About abdessemed mohamed amine

DZ-SECURITY

Discussion

3 thoughts on “Howto : Password Protect Grub in Ubuntu/Debian Linux

  1. i wanna know , if this secure feature , also prevent other user stop installing new window over linux??
    does it stop user from overriding grub loader???

    Posted by sahil | September 17, 2009, 16:46

Trackbacks/Pingbacks

  1. Pingback: i have debian linux (kernel 2.4 i think) and i want to set it up as a webserver? | Linux Appliance - September 1, 2009

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: