In this tutorial i will show how to block or prevent access to single user mode or grub console in redhat fedora centos linux systems.If attackers can boot the system into single user mode, they are logged in automatically as root without being prompted for the root password.So we have to prevent such type of things follow the step by step guide.
STEP 1:
Login as "root" user and open the "terminal"and type the command /sbin/grub-md5-crypt as shown in the figure below
It will ask to set password for Grub bootloader. Type the password and hit enter, Reenter the password and hit enter.It will generate the MD5 hash of that password.
STEP 2:
Select that MD5 hash generated and right click and copy
STEP 3 :
Now edit the grub configuration file by using "gedit" command in terminal. gedit /boot/grub/grub.conf .The Grub.conf file will open in gedit editor window.In the main section of the file add the following below the timeout line password --md5 <password hash> where <password hash> is the hash generated. Then save the file and close.
STEP 4:
Now reboot the machine. On grub loader page it will shows only "p" option the enter next level. If we type "p" it will ask the grub password which we have set.
STEP 5:
After typing the password it will lead to next level in which we can login to single user mode or we can edit the grub.
STEP 1:
Login as "root" user and open the "terminal"and type the command /sbin/grub-md5-crypt as shown in the figure below
It will ask to set password for Grub bootloader. Type the password and hit enter, Reenter the password and hit enter.It will generate the MD5 hash of that password.
STEP 2:
Select that MD5 hash generated and right click and copy
STEP 3 :
Now edit the grub configuration file by using "gedit" command in terminal. gedit /boot/grub/grub.conf .The Grub.conf file will open in gedit editor window.In the main section of the file add the following below the timeout line password --md5 <password hash> where <password hash> is the hash generated. Then save the file and close.
STEP 4:
Now reboot the machine. On grub loader page it will shows only "p" option the enter next level. If we type "p" it will ask the grub password which we have set.
STEP 5:
After typing the password it will lead to next level in which we can login to single user mode or we can edit the grub.
No comments:
Post a Comment