confused for booting security
Parshwa Murdia
b330bkn at gmail.com
Sun Jan 9 10:56:32 UTC 2011
On Sun, Jan 9, 2011 at 10:04 AM, Tim <ignored_mailbox at yahoo.com.au> wrote:
#boot=/dev/sda
> default=0
> timeout=5
> splashimage=(hd0,1)/grub/splash.xpm.gz
> password --md5 $supercalifragilistic.
>
> title Fedora (2.6.27.25-78.2.56.fc9.i686)
> lock
> root (hd0,1)
> kernel /vmlinuz-2.6.27.25-78.2.56.fc9.i686 ro
> root=/dev/VolGroup00/LogVol00 quiet
> initrd /initrd-2.6.27.25-78.2.56.fc9.i686.img
>
> title Fedora (2.6.27.24-78.2.53.fc9.i686)
> lock
> root (hd0,1)
> kernel /vmlinuz-2.6.27.24-78.2.53.fc9.i686 ro
> root=/dev/VolGroup00/LogVol00 quiet
> initrd /initrd-2.6.27.24-78.2.53.fc9.i686.img
>
> title Memtest86+ (2.11)
> root (hd0,1)
> kernel --type=netbsd /elf-memtest86+-2.11
>
Okay you have kept the password line at the top, so in the boot sequence one
has to enter that password for the first two titles (for two Fedora kernels)
but for the last title (here Memtest86+), there is not encrypted password.
If we want to use the same password for this too, we can insert the 'lock'
command just after the line
title Memtest86+ (2.11)
so that the same encrypted password would be required for this to boot. But
if a different password is required, we should enter it above the line
title Memtest86+ (2.11)
so that it looks:
password --md5 $differentpassword
title Memtest86+ (2.11)
lock
root (hd0,1)
kernel --type=netbsd /elf-memtest86+-2.11
so that while editing grub through remote place, it is at all not possible
without entering the password because the password --md5 line is above the
title line.
--
Regards,
Parshwa Murdia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/users/attachments/20110109/8d28e265/attachment.html
More information about the users
mailing list