AboutWelcome to Free Software Daily (FSD). FSD is a hub for news and articles by and for the free and open source community. FSD is a community driven site where members of the community submit and vote for the stories that they think are important and interesting to them. Click the "About" link to read more...
Some recent posts showing that your linux box is not secure unless you installed a grub Password.
If you are an administrator of a highly sensitive server, you must do it.
To add a password for grub, first you must generate an md5 password hash using the grub-md5-crypt utility: grub-md5-crypt
Password-protecting the bootloader is one method you may employ to enhance the physical security profile of your computer. GRUB, the GRand Unified Bootloader, is the default bootloader on virtually all Linux distributions, but on a significant number, the installer does not have support for setting a GRUB password.
You have two ways to do that. Maybe you want the user to enter a password in order to boot the Recovery Mode or your secondary OS. You have to set that password in the /boot/grub/menu.lst - for higher security you should crypt your password with md5.
A good password has the problem of being difficult to remember. And sometimes you might need to get in to a system where the root password is long forgotten (or left with the system administrator before you).
By default, the root account password is locked in Ubuntu - Canonical neither supports nor advocates enabling the root account. This means that you cannot login as root directly or use the su command to become the root user. However, since the root account physically exists it is still possible to run programs with root-level privileges.
Few days ago after I've posted post "How To Reset Forgotten Ubuntu Password", someone ask me (or maybe not ask but give an opinion) about the security of Linux (we all know, "security" is one of the majority feature that Linux offered to us). How about the security if we can reset the root password as easy as that my post said.
Let's face it: you can sometimes forget a password, because well... it happens! I can't help you with all of them, but I can tell you how to recover your lost Linux root password thanks to Tips4Linux. Just follow the below steps to recover it:
One of the biggest security holes you could open on your server is to allow directly logging in as root through ssh, because any cracker can attempt to brute force your root password and potentially get access to your system if they can figure out your password.
The tools used to boot Linux® are changing. Specifically, the Grand Unified Bootloader (GRUB) is now officially in maintenance mode only, and GRUB's developers have abandoned the original GRUB in favor of an entirely rewritten package, known as GRUB 2. Discover GRUB 2's new capabilities and how to use it.
