Without the GRUB Password, anyone can edit the kernel parameters and boot into single-user mode and enable them to log as root.
Step 1:
Use grub-md5-crypt command encrypt password in MD5 format:
# grub-md5-crypt
Password: Retype password: $1$gBrNd/$QccThGN4QFPdOiOtaTl.c0
Step 2: Edit GRUB configuration file
# vi /boot/grub/menu.lst
Insert this line into /boot/grub/menu.lst
password --md5 $1$gBrNd/$QccThGN4QFPdOiOtaTl.c0
Something like this....
# grub.conf generated by anaconda #........ default=0 timeout=5 splashimage=(hd0,0)/grub/splash.xpm.gz hiddenmenu password --md5 $1$H7tNd/$GEYVMUDHmIkhb4xwNwywR. title CentOS (2.6.18-164.el5) root (hd0,0) kernel /vmlinuz-2.6.18-164.el5 ro root=/dev/VolGroup00/LogVol00 rhgb quiet initrd /initrd-2.6.18-164.el5.img
It's done. Horray
No comments:
Post a Comment