Article

You'll need to modify the initrd's that are loaded by maintenance mode to modify their startup scripts to prompt for a password.

1. tty1
   First, we need to modify the initrd used by tty1. You can find this in your tftp server's 'boot' directory. Open it up, change the script that provides the prompt, and save the new intird.

   mkdir /tmp/initzen
   cd /tmp/initzen
   gunzip -c ~/zfd/tftp/boot/initrd | cpio -idv
   
   

   add to bin/prompt.s:

    trap '' SIGINT
    while true; do
      read -p 'password: ' -s;
      echo;
      if [ $REPLY == password ]; then
        break;
      fi;
    done
    trap - SIGINT 
   
   

   find | cpio -H newc -o | gzip > ~/zfd/tftp/boot/initrd
   

2. tty2-6
   Second, we need to modify the initrd used by the other ttys. You can find this in your tftp server's 'boot' directory (this one s called 'root'). Open it up, change the system bash profile, and save the new intird.

   mkdir /tmp/initzen2
   gunzip -c ~/zfd/tftp/boot/root > /tmp/root.ext2
   sudo mount /tmp/root.ext2 /tmp/initzen2/ -o loop
   cd /tmp/initzen2
   
   

   add to etc/profile:

    trap '' SIGINT
    while true; do
      read -p 'password: ' -s;
      echo;
      if [ $REPLY == password ]; then
        break;
      fi;
    done
    trap - SIGINT 
   
   

   gzip < /tmp/root.ext2 > ~/zfd/tftp/boot/root
   

Tada! All safe now.