[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Password protecting grub

I have been trying to achieve something similar on my system. Password protection in grub2 appears to be quite different from that in grub-legacy.

In grub2, authentication is activated by the lines (from the grub info manual, the section on security):

set superusers="root"
password_pbkdf2 root grub.pbkdf2.sha512.10000.biglongstring

in the /boot/grub/grub.cfg file

The command grub-mkpasswd-pbkdf2 can be used to generate the password.

On debian systems, it is better to put those two lines in /etc/grub.d/40_custom to make sure that your changes remain after an `update-grub' command.

But, be advised that once you do this, all the menu entries in grub will be inaccessible until the password is supplied.
It would be nice to have a way of requiring a password only if it required to boot a non-default entry.

On Wed, Mar 16, 2016 at 11:12 PM, Himanshu Shekhar <irm2015006@iiita.ac.in> wrote:
Ok! I understand GRUB password and other such passwords are ineffective. I am also aware of the fact that hard drive can be read anywhere unless it is encrypted. 
The am eager to know a particular way (however bad it may be) to secure a system, which I have not known yet.
All efforts yet just stop at one step : 
           password : command not found. LOL!

Himanshu Shekhar

Reply to: