Novell Home

10 steps to Password Protect SuSE's Grub Bootloader

Novell Cool Solutions: Trench
By Kory Sonnier

Digg This - Slashdot This

Posted: 12 Jan 2006
 

Applies to:

  • SUSE Linux Professional 9.2-9.3
  • SUSE Linux 10.0
  • Novell Linux Desktop 9
  • SUSE Linux Enterprise Server 9
  1. Log into your box as root
  2. Open up a shell.
  3. At command prompt, become superuser, then type grub:

    • linux:~ # su
      Password:
      linux:~ # grub

  4. At "grub>" prompt type md5crypt:

    • grub> md5crypt

  5. Enter a password at the Password: prompt, preferably something other than root password:

    • Password: *****

  6. It will then give you the password encrypted

    • Encrypted: $1$Rdv455345ga345GvIRgXWxcF1Vjb7tZ//

  7. Copy the encrypted password into the clipboard.
  8. Open up a new shell.
  9. At command prompt, become superuser, then type vi /boot/grub/menu.lst

    • linux:~ # su
      Password:
      linux:~ # vi /boot/grub/menu.lst

  10. After you see title SUSE Linux 10.0 on the next line type lock. On the following line type password md5 [the encrypted password you copied from previous shell]:

    • ###Don't change this comment YaST2 identifier: Original name: linux###
      title SUSE Linux 10.0
      lock
      password md5 $1$Rdv455345ga345GvIRgXWxcF1Vjb7tZ//
      root (hd0,1)
           kernel /boot/vmlinuz root=/dev/hda2 vga=0x31a selinux=0
      resume=/dev/hda1  splash=silent showopts
           initrd /boot/initrd
      

      Note: ***You may do the above steps for each grub boot item.

For even more protection you may set a BIOS password and disable all other boot options in the BIOS that are not needed.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell