07 March 2008

How to Password Protect GRUB Boot loader

The main reason to password protect the GRUB boot loder is to prevent access to single user mode — If attackers can boot the system into single user mode, they are logged in automatically as root without being prompted for the root password.

 To do this, open a shell prompt, log in as root, and type:

 /sbin/grub-md5-crypt


 When prompted, type the GRUB password and press Enter. This returns an MD5 hash of the password.

 Next, edit the GRUB configuration file /boot/grub/grub.conf. Open the file and below the timeout line in the main section of the document, add the following line:

 password --md5


Replace with the value returned by /sbin/grub-md5-crypt
Posted by at No comments:
Labels: , , ,

Relative vs. Absolute Pathnames

Commands can be given file name arguments in two ways.

If you are in the same directory as the file (i.e., the file is in the current directory), then you can just enter the file name on its own (e.g., cp my_file new_file). Otherwise, you can enter the full path name, like cp /home/john/my_file /home/jack/new_file.

 Very often administrators use the notation ./my_file to be clear about the distinction, for instance, cp ./my_file ./new_file. The leading ./ makes it clear that both files are relative to the current directory.

File names not starting with a / are called relative path names, and otherwise, absolute path names.
Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)