Shulou(Shulou.com)06/02 Report--

Anyone who has come into contact with the linux system should know that users can modify the GRUB boot parameters to enter single-user mode, and then fix some system problems. In this way, they can enter the system without a password and have root permissions. But from a security point of view, if everyone can modify the parameters of GRUB, it is a great threat to the server. At this time, we can set a password for the GRUB menu. Only those who provide the correct password are allowed to modify the boot parameters.

Step 1: use grub2-mkpasswd-pbkdf2 to generate a key

Step 2: enter and modify the / etc/grub.d/00_header file to add the key

Enter the following on the last line after entering the editing page

Step 3: generate a new grub.cfg configuration file

Step 4: verify the operation result

After the above configuration, when rebooting the system to enter the GRUB menu, pressing the e key directly will not be able to modify the boot parameters. In order to obtain editing permission, you will be prompted to enter the user name and the corresponding password.

Restart the system first, when the boot load screen appears, press the e key

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.