Tuesday, November 30, 2010

Secure Grub Boot Loader and Recovering Loss Root and Grub password


Secure Grub Boot Loader

You can set a password for the GRUB bootloader. This prevents users from entering single user mode or changing settings at boot time.
When your system is rebooted, grub presents the boot option menu. From this menu one can easily login into a single user mode without the password which might result into compromise system security.
For example, anyone can access the data or change the settings. However you can setup a password for grub with password option. This option forces grub to ask for a password before making any changes or entering into single user mode. You need to type p followed by password.

#1: Create A Password For Grub

Type grub-md5-crypt command to create password in MD5 format:# grub-md5-cryptOutput: 
Password:<ENTER-YOUR-PASSWORD>
Retype password:<ENTER-YOUR-PASSWORD>
$1$NYoR71$Sgv6pxQ6LG4GXpfihIJyL0
Please note that you need to copy and paste the MD5 password ($1$NYoR71$Sgv6pxQ6LG4GXpfihIJyL0) to your configuration file. Use mouse to copy the same.

#2 Add MD5 Password To Grub Configuration File

Under Debian GNU/Linux the Grub configuration file is located at /boot/grub/menu.lst. (Red Hat / Fedora user use /boot/grub/grub.conf file)# vi /boot/grub/menu.lst
Edit file and add a password line as follows:password --md5 $1$NYoR71$Sgv6pxQ6LG4GXpfihIJyL0



Here is my sample config file:
default         0
timeout         5
password --md5 $1$NYoR71$Sgv6pxQ6LG4GXpfihIJyL0
title           Debian GNU/Linux, kernel 2.6.13.4-cust-en-smp
root           (hd0,0)
kernel        /boot/vmlinuz root=/dev/hda3 ro
savedefault
boot
Save and close the file.



Recovering Loss Root and Grub password

Recovering of Grub Password

The best way to recovering (or reset) a password (and to solve many other problem) is use Knoppix Live CD. Or Redhat Linux Dvd . You need to boot system into a single user mode, at boot: prompt type linux single:
boot: linux rescue
# chroot /mnt sysimage
# vi /boot/grub/grub.conf
Once file opened using a text editor, locate password line and remove it:password --md5 $1$9sdflksdf/sdf44k

Save and close the file. Remove DVD and Reboot the system

Recovering Root Password

1. At Grub prompt press 'e' to edit command before booting.
2. Select second line.
3. Again, press 'e' to edit selected command and Enter 1 at the end of Kernel Line (Fore single user Mod)
4. Press b for booting in singal user mode
5. Type Passwd to change the password
6. reboot
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)