Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 02-01-2008, 03:44 AM   #1
LQ Newbie
Registered: Nov 2006
Posts: 23

Rep: Reputation: 15
grub password

In linux the password can be changed by entering into single
Whether we can block getting in to single usermode or can we set password when we typed "single" in grub parameter.
Old 02-01-2008, 04:51 AM   #2
LQ Addict
Registered: Oct 2003
Location: Australia
Distribution: MX 16
Posts: 5,298

Rep: Reputation: Disabled
are you concerned about local intrusion?

in which case you can

set the master bios password
set a grub password and
set user passwords and disable root logins.

is that what you are looking for?
Old 02-01-2008, 04:59 AM   #3
LQ Guru
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
Quoted from /boot/grub/menu.lst
## password ['--md5'] passwd
# If used in the first section of a menu file, disable all interactive editing
# control (menu entry editor and command-line) and entries protected by the
# command 'lock'
# e.g. password topsecret
# password --md5 $1$gLhU0/$aW78kHK1QfV3P2b2znUoe/
# password topsecret
so to set a Grub password, write in the first section of the menu file
password your_chosen_password
or with md5 as in the above example, and after that Grub asks for a password if you want to do change anything (like try to enter single user mode by adding "single" to the kernel line).

I'd still have a BIOS password like aus9 said, to prevent people from booting off a live-cd, mounting your harddisk partitions and resetting the password that way. And disable root account (add a ! to the shadow file's encrypted password field, which effectively disables the account), so that it's no use of making a brute-force attack to guess the password. After that tcpwrappers, iptables, ...

Well, Grub password is the least you can do if you want to make things more difficult, but without BIOS password set also it's not of much use. Also remember that people could just open your box, detach your harddisk, plug it into their own machine, boot that and access the disk that way, circumventing your BIOS password that prevented them from booting off something else than the harddisk. To prevent that you would have to seal the machine into a bullet-proof locker room inaccessible to anyone but you, which is quite difficult.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
how to change root password without knowing the grub password ramesh.mimit Red Hat 8 10-15-2011 06:12 AM
change Root Password even if the password in the grub is also set sheelnidhi Linux - General 6 08-30-2006 08:27 AM
Setting password on grub, wha to do after changing default values in /boot/grub/menu. sarajevo Linux - Security 1 08-17-2005 09:01 PM
GRUB password garnica Linux - Security 2 11-23-2004 09:33 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:20 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration