How to – Grub password
Let’s work with Linux! Imagine a hacker is able to reboot your system; once they boot it, your system is compromised. As explained in my previous post, Recover root password, anyone who can interrupt the boot process can reset the root password and, by doing so, gain access to everything on your server. Let’s secure GRUB with some simple Linux commands.
Disclaimer: Running rm -rf / on your computer will free up some space (Please do not do it)
What Linux version will be used?
For this post, the Linux distribution in use is CentOS 8. However, I will also show you how to do the same in Debian.
uname -r && cat /etc/redhat-release
Using RHEL 8
Run vim /etc/grub.d/10_linux, go to the CLASS line,
and remove --unrestricted, then run:
Enter your GRUB2 password.
A new file, /boot/grub2/user.cfg, will be created; it contains the hashed password:
Recreate the GRUB config file:
grub2-mkconfig -o /boot/grub2/grub.cfg
reboot
Now, in order to edit a boot entry or reach the GRUB prompt, I need to enter the user and password. Without them, I won’t be able to access it.
To remove the GRUB protection, add --unrestricted back to the CLASS line and remove the user.cfg file.
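A quick way to confirm that the RHEL 8 steps above took effect, as an added example that is not part of the original post. The function names and the optional root-prefix argument are hypothetical, and the check assumes the password entry in user.cfg has the form GRUB2_PASSWORD=grub.pbkdf2...; the sample files are constructed so the script runs offline.

```shell
#!/bin/sh
# Added example: audit the two files changed by the RHEL 8 procedure.
# grub_audit and its root-prefix argument are hypothetical names; with no
# argument it reads the live system (run it as root).
grub_audit() {
    root="${1:-}"
    script="$root/etc/grub.d/10_linux"
    usercfg="$root/boot/grub2/user.cfg"
    rc=0

    # Step 1: the CLASS= line must no longer carry --unrestricted.
    class_line=$(grep -E '^[[:space:]]*CLASS=' "$script" 2>/dev/null || true)
    if [ -z "$class_line" ]; then
        echo "FAIL: no CLASS= line readable in $script"; rc=1
    elif printf '%s\n' "$class_line" | grep -q -e '--unrestricted'; then
        echo "FAIL: CLASS= line in $script still has --unrestricted"; rc=1
    else
        echo "OK:   --unrestricted removed from CLASS= line"
    fi

    # Step 2: user.cfg must exist and hold a hash (assumed grub.pbkdf2 prefix).
    if [ ! -r "$usercfg" ]; then
        echo "FAIL: $usercfg missing or unreadable"; rc=1
    elif grep -q '^GRUB2_PASSWORD=grub\.pbkdf2\.' "$usercfg"; then
        echo "OK:   hashed GRUB2_PASSWORD present in user.cfg"
    else
        echo "FAIL: $usercfg has no grub.pbkdf2 hash"; rc=1
    fi
    return "$rc"
}

# Constructed sample tree (not real system files) so the check runs offline.
make_sample() {  # $1 = directory, $2 = extra CLASS flags, $3 = user.cfg content
    mkdir -p "$1/etc/grub.d" "$1/boot/grub2"
    printf 'CLASS="--class gnu-linux --class gnu --class os%s"\n' "$2" > "$1/etc/grub.d/10_linux"
    [ -z "$3" ] || printf '%s\n' "$3" > "$1/boot/grub2/user.cfg"
}

demo=$(mktemp -d) || exit 1
make_sample "$demo/before" " --unrestricted" ""
make_sample "$demo/after" "" "GRUB2_PASSWORD=grub.pbkdf2.sha512.10000.CONSTRUCTEDSALT.CONSTRUCTEDHASH"
grub_audit "$demo/before" || echo "=> before: GRUB is not protected"
grub_audit "$demo/after" && echo "=> after: GRUB is protected"
rm -rf "$demo"
```

The function returns non-zero when either check fails, so it can be dropped into a hardening or compliance script.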
Is it possible to recover root password without the Grub password?
No. In this respect, your Linux server is now secured against hackers.
As you can see, it is an easy task that we should all know in order to harden our systems!
What about previous versions of CentOS and Red Hat?
Create a password for GRUB. As the root user, run:
Enter your password. This will return an MD5-hashed password; copy it and paste it into the /boot/grub/grub.conf file.
Save the file and reboot your system.
Under Debian GNU/Linux the Grub configuration file is located at /boot/grub/menu.lst
For my following entries, I will write about SELinux, bootloader, initramfs, handy tools to work in Linux and more. Stay tuned and follow the blog!