Novell Home

10 steps to Password Protect SuSE's Grub Bootloader

Novell Cool Solutions: Trench
By Kory Sonnier

Rate This Page

Reader Rating  stars  from 1 ratings

Digg This - Slashdot This

Posted: 12 Jan 2006 		 

Applies to:

  • SUSE Linux Professional 9.2-9.3
  • SUSE Linux 10.0
  • Novell Linux Desktop 9
  • SUSE Linux Enterprise Server 9
  1. Log into your box as root
  2. Open up a shell.
  3. At command prompt, become superuser, then type grub:

      4. linux:~ # su
      Password:
      linux:~ # grub

  4. At "grub>" prompt type md5crypt:

      5. grub> md5crypt

  5. Enter a password at the Password: prompt, preferably something other than root password:

      6. Password: *****

  6. It will then give you the password encrypted

      7. Encrypted: $1$Rdv455345ga345GvIRgXWxcF1Vjb7tZ//

  7. Copy the encrypted password into the clipboard.
  8. Open up a new shell.
  9. At command prompt, become superuser, then type vi /boot/grub/menu.lst

      10. linux:~ # su
      Password:
      linux:~ # vi /boot/grub/menu.lst

  10. After you see title SUSE Linux 10.0 on the next line type lock. On the following line type password md5 [the encrypted password you copied from previous shell]:

      11. ###Don't change this comment YaST2 identifier: Original name: linux###
title SUSE Linux 10.0
lock
password md5 $1$Rdv455345ga345GvIRgXWxcF1Vjb7tZ//
root (hd0,1)
     kernel /boot/vmlinuz root=/dev/hda2 vga=0x31a selinux=0
resume=/dev/hda1  splash=silent showopts
     initrd /boot/initrd

      Note: ***You may do the above steps for each grub boot item.

For even more protection you may set a BIOS password and disable all other boot options in the BIOS that are not needed.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

Novell® Making IT Work As One

© 2008 Novell, Inc. All Rights Reserved.