[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Password protecting grub

Hash: SHA1

On Wed, Mar 16, 2016 at 05:07:33PM +0530, Himanshu Shekhar wrote:
> I wish to password protect grub bootloader. I tried the steps available on
> online manuals as of RedHat, Ubuntu, etc. All experiments were on a
> VirtualBox machine, so my system remains safe. However, I didn't get
> success.
> Every time I write the line to the config file and run update-grub, I get
> the response
> "password : command not found".
> I made experiments with the following files:
>   /etc/grub.d/00_header
>   /etc/grub.d/40_custom
>   /boot/grub/grub.cfg
> adding
> " set superusers="root"
>   password root rootpassword
> "
> or
> " password mypassword "
> or
> " password --md5 $$$%#$ "
> different times. Each time, I had the same error generated.

Note that those files are shell scripts generating scripts for grub. I think
you want the shell script outputting something like

  |set superusers="foo"
  |password foo verytopsecret

to its standard output, so you'll want to add

  |cat <<EOF
  |set superusers="foo"
  |password foo verytopsecret

to your /etc/grub.d/00_header. Rube Goldberg in action, but hey. I wonder
what's in store with Grub3: write a Haskell program which outputs a
shell program which outputs a Grub3 script?

Hope that helps
- -- tomás
Version: GnuPG v1.4.12 (GNU/Linux)


Reply to: