Password protect the bootloader on Centos 5.x January 30, 2011Posted by Tournas Dimitrios in Linux.
Beyond password protecting the BIOS (or BIOS equivalent) , a good habit is to prevent unauthorized users who have physical access to systems from obtaining root privileges through ” single user ” or ” emergency ” mode . The security measures you should take to protect against such attacks depends both on the sensitivity of the information on the workstation and the location of the machine.If the workstation is located in a place where only authorized or trusted people have access, however, then securing the BIOS or the boot loader may not be necessary.
This article will outline how to password protect the boot- loader . It must be clearly understood that this is only an extra layer of protection , a physical access to the computer with a floppy disc or boot-image dvd can easily bypass this security layer and force the box in “rescue” mode .
How to password protect the boot-loader :
- From the terminal create a password with the ” grub-md5-crypt ” command .
- Add the md5-password in /etc/grub.conf file .
Recommended readings :