PROTECTING THE GRUB WITH AUTHENTICATION
- In this exercise a Linux Debian server is used:
1 - Introduction
- GNU GRUB (GRand Unified Bootloader) is a boot loader package from the GNU Project.
- GRUB provides a user the choice to boot one of multiple operating systems installed on a computer or select a specific kernel configuration available on a particular operating system's partitions.
- For further information:
https://en.wikipedia.org/wiki/GNU_GRUB
- The goal of this exercise is to protect the GRUB by setting authentication (user and password) before having access to the system.
2 - Setting a superuser and a password for GRUB
- Going to the directory /etc/grub.d:
- The command grub-mkpasswd-pbkdf2 requires to enter a password and its corresponding sha512 hash is generated:
- Editing 40_custom the user roch is set as a superuser and the password hash is included:
- Updating the GRUB:
3 - Testing the GRUB authentication
- Once the server is rebooted and clicked any of the options:
- Authentication for the superuser roch is required to give access to the system:
