grub设置密码

最新推荐文章于 2024-07-10 21:07:20 发布

taizhoufox

最新推荐文章于 2024-07-10 21:07:20 发布

阅读量2.2k

点赞数

分类专栏： linux程序安装与使用文章标签：加密 linux

linux程序安装与使用专栏收录该内容

40 篇文章 0 订阅

订阅专栏

感谢原文作者：http://www.blogjava.net/prince/archive/2007/07/20/131562.html

linux下,会看到GRUB引导,如果不设置密码很容易被别人篡改root密码.
GRUB有两种加密方式，一种是lock，一种是利用非明文加密，也就是md5 128位加密。
[root@localhost /]# vi /etc/grub.conf
设置grub.conf
没有设置密码前:

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00
#          initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux AS (2.6.9-11.EL)
        root (hd0,0)
        kernel /vmlinuz-2.6.9-11.EL ro root=/dev/VolGroup00/LogVol00 rhgb quiet
        initrd /initrd-2.6.9-11.EL.img

password 明文设置密码
修改后:

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00
#          initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
password=prince(prince为说设置的密码)
hiddenmenu
title Red Hat Enterprise Linux AS (2.6.9-11.EL)
lock(进入linux时需要输入密码)
        root (hd0,0)
        kernel /vmlinuz-2.6.9-11.EL ro root=/dev/VolGroup00/LogVol00 rhgb quiet
        initrd /initrd-2.6.9-11.EL.img

注:这里GRUB密码设置为prince,lock意思是进入linux时需要输入密码

给grub加密密码

利用非明文加密，也就是md5 128位加密.

md5加密方式

运行
# /sbin/grub-md5-crypt      (在grub中用： md5crypt)
输入你的密码，如prince
生成一串东东，是随即产生的,要记下来.
然后添加到 grub.conf
改grub.conf成如下

CODE:

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00
#          initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
password --md5 $1$GexO3$iHhcfqlRE84s.2TyHN2l10 (加密后的密码)
hiddenmenu
title Red Hat Enterprise Linux AS (2.6.9-11.EL)
lock
        root (hd0,0)
        kernel /vmlinuz-2.6.9-11.EL ro root=/dev/VolGroup00/LogVol00 rhgb quiet
        initrd /initrd-2.6.9-11.EL.img