Tuesday, May 29, 2012
Thursday, May 3, 2012
Securing GRUB2 with password
GRUB2 is the next generation of the GRand Unified Bootloader (GRUB). GRUB2 is derived fromPUPA which was a research project to investigate the next generation of GRUB. GRUB2 has been rewritten from scratch to clean up everything and provide modularity and portability
GRUB2 uses a newer method, so I'll outline the brief how to protect you GRUB with password
First you'll need to type the command:
Now type your chosen password...
open up the terminal and type su to login as root then type
Now take your new password which will look something like this
grub.pbkdf2.sha512.10000.5F60AA485BA2B7EA640974BCDF5722F7600FDAF99AFE6AD8ECA33A1A05E53AB85B8B426E22AC246CC50558807BBA24752CBD61FD04155E26C41307F4AD64C9F7.0BDA015BBD97F09776CB66C90E0D82C2855C297039A1638D28A77FE2DDA3C8B8105C82FB2766FAEF4400647917A82CF3FB4B8E9B43ACBA6439F1E3C9B1A90194
And use the following example of how to paste it in at the end of the 00_header file under the last line of code so it will look like this:
cat << EOF
set superusers="putyourusernamehere"
password yourusername yourpassword
EOF
Now update your GRUB with the following command
update-grub
NOW YOUR NEW PASSWORD POLICY WILL BE ENFORCED
NOTE:
please use your own user name and passwords,do not putyourusernamehere and the yourpassword provided above as this is only an example.
GRUB2 uses a newer method, so I'll outline the brief how to protect you GRUB with password
First you'll need to type the command:
grub-mkpasswd-pbkdf2
Now type your chosen password...
open up the terminal and type su to login as root then type
vi /etc/grub.d/00_header
Now take your new password which will look something like this
grub.pbkdf2.sha512.10000.5F60AA485BA2B7EA640974BCDF5722F7600FDAF99AFE6AD8ECA33A1A05E53AB85B8B426E22AC246CC50558807BBA24752CBD61FD04155E26C41307F4AD64C9F7.0BDA015BBD97F09776CB66C90E0D82C2855C297039A1638D28A77FE2DDA3C8B8105C82FB2766FAEF4400647917A82CF3FB4B8E9B43ACBA6439F1E3C9B1A90194
And use the following example of how to paste it in at the end of the 00_header file under the last line of code so it will look like this:
cat << EOF
set superusers="putyourusernamehere"
password yourusername yourpassword
EOF
Now update your GRUB with the following command
update-grub
NOW YOUR NEW PASSWORD POLICY WILL BE ENFORCED
NOTE:
please use your own user name and passwords,do not putyourusernamehere and the yourpassword provided above as this is only an example.
Subscribe to:
Posts (Atom)
