November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

Categories

November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

GRUB password solaris 11

GRUB password

Nowadays I’d say it’s hard to believe that anything is really secure.
Nevertheless one can keep going adding more and more barriers.
The idea is not to be selected as an easier path to attack.
But again, if someone is determined who can tell…

Despite this gave introduction, my goal is to repeat one known tiny bit:
Help preventing unauthorized GRUB configuration change by adding a password.
The method below isn’t for GRUB2 (the next generation), but for the older version.

Locate the grub menu file where to configure the password:

# bootadm list-menu
the location … is: /rpool/boot/grub/menu.lst
default 4
timeout 15

Invoke the grub binary to create the password.
Take note of the resulting encrypyted hash.

# /boot/grub/bin/grub

GNU GRUB  version 0.97  (640K lower / 65536K upper memory)
[ …

… ]

grub> md5crypt

Password: ***************
Encrypted: $1$…

grub> quit

Edit the grub menu file and include the generated password hash as shown below:

# head -7 /rpool/boot/grub/menu.lst
splashimage /boot/grub/splash.xpm.gz
foreground 343434
background F7FbFF
default 4
timeout 15
password –md5 $1$…
#———- ADDED BY BOOTADM – DO NOT EDIT ———-

That’s all what’s need for GRUB1.
For GRUB2 I’m still trying to learn how to do it.

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>