Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 01-04-2010, 10:16 PM   #1
Registered: Nov 2009
Posts: 30

Rep: Reputation: 15
Set GRUB password (CIS)

Hi, i came across a section on the CIS guide about red hat.

8.7 Set GRUB Password
An unprotected GRUB boot loader prompt allows an attacker with physical access to subvert the normal boot process very easily. The action below will allow the system to boot normally, only requiring a password when the anyone attempts to modify the boot process by passing commands to GRUB. Make sure to replace <password> in the actions below with an md5-hashed password (check the man page for /sbin/grub-md5-crypt).
1. Add this line to /etc/grub.conf before the first uncommented line:
password <password>

The guide actually recommend adding the "password <password>" to the /etc/grub.conf. However, i do not understand on how do i get the md5 hashed password to replace the <password>?
Old 01-04-2010, 10:25 PM   #2
Simon Bridge
LQ Guru
Registered: Oct 2003
Location: Waiheke NZ
Distribution: Ubuntu
Posts: 9,211

Rep: Reputation: 198Reputation: 198
sudo grub

at the grub prompt:

grub> md5crypt

Password: ******
Encrypted: $1$jxcdN0$hVHViq1aiPf8FziuGJGZp0
grub> quit

there's your hash.
Old 01-04-2010, 10:36 PM   #3
LQ Newbie
Registered: Mar 2009
Posts: 8
Blog Entries: 1

Rep: Reputation: 0
Dear friend,

please take the following action to set the grub password:--

[root@server ~]# grub-md5-crypt >> /boot/grub/grub.conf

type the password ## these two entries will be not visible
retype the password

[root@server ~]# vi /boot/grub/grub.conf


password --md5 < encryptedpasswd > ## add this line here

title Red Hat Enterprise Linux Server (2.6.18-8.el5)


Thanks & Regards

Narendra Gupta
Old 01-04-2010, 10:58 PM   #4
LQ Newbie
Registered: Mar 2009
Location: Nairobi, Kenya
Distribution: Debian Wheezy
Posts: 3

Rep: Reputation: 0
# If you save the file at this moment without any further edits you would have locked down interactive editing in GRUB. The administrator or in this case you would have to press ‘p’ key and enter the correct password to access these advanced options.
# If in addition you want to lock down specific menu entries so that anyone without the knowledge of the correct password cannot boot into that operating system you should add the word lock all by itself on a separate line just after the title specification for each entry in the menu.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
how to change root password without knowing the grub password ramesh.mimit Red Hat 8 10-15-2011 05:12 AM
how to set grub menu password am_it_wild Linux - Newbie 3 03-28-2009 02:15 AM
How to set login and password and root password in suse 10.2 sirius57 SUSE / openSUSE 8 07-24-2007 09:51 AM
change Root Password even if the password in the grub is also set sheelnidhi Linux - General 6 08-30-2006 07:27 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:59 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration