Friday, September 1, 2017

1 - Linux Security: protecting the GRUB with authentication


- In this exercise a Linux Debian server is used:

1 - Introduction

- GNU GRUB (GRand Unified Bootloader) is a boot loader package from the GNU Project. 

- GRUB provides a user the choice to boot one of multiple operating systems installed on a computer or select a specific kernel configuration available on a particular operating system's partitions.

- For further information:

- The goal of this exercise is to protect the GRUB by setting authentication (user and password) before having access to the system.

2 - Setting a superuser and a password for GRUB

- Going to the directory /etc/grub.d:

- The command grub-mkpasswd-pbkdf2 requires to enter a password and its corresponding sha512 hash is generated:

- Editing 40_custom the user roch is set as a superuser and the password hash is included:

- Updating the GRUB:

3 - Testing the GRUB authentication

- Once the server is rebooted and clicked any of the options:

- Authentication for the superuser roch is required to give access to the system: