Generally, we forget to provide password security for GRUB boot loader.
If we do not provide password, any one can get access to root login without giving
root password, just by editing “kernel” parameters to “single” or “1″.
Therefore, you can prevent this editing by providing password.
$ grub-md5-crypt
Password:
Retype password:
$1$BRvj2/$A0Xj.CeywUG/iL6j/15HC.
(you can provide any password, you want. But please remember this by heart)
and paste this output in /boot/grub/menu.lst below timeout
or default as
$vi /boot/grub/menu.lst
...
timeout 10
...
password --md5 $1$BRvj2/$A0Xj.CeywUG/iL6j/15HC
...
Now, reboot and try to modify the kernel parameters. You will not be
able to until you press p and provide the password.
No comments:
Post a Comment