Requirement:AMP - 8.x.x
Centos - 6.x.x
Solution:GRUB is a default bootloader in all Unix-like operating system. To prevent unauthorized person to access system we may required to have grub with password protected.
Configuration:STEP 1:
Create a password for GRUB, we need to be a root user and to type below command. When prompted type grub password twice and press enter. This will return MD5 hash password. Please copy or note it down.
[root@tecmint ~]# grub-md5-crypt
[root@tecmint ~]# grub-md5-crypt
Password:
Retype password:
$1$19oD/1$NklcucLPshZVoo5LvUYEp1
Step 2: Now we need to open the /boot/grub/menu.lst or /boot/grub/grub.conf file and add the MD5 password. Both files are same and symbolic link to each other.
[root@tecmint ~]# vi /boot/grub/menu.lst
OR
[root@tecmint ~]# vi /boot/grub/grub.conf
Note : We advise to take backup of the files before making any changes to it as a precaution.
STEP 3: Add the newly created MD5 password in GRUB configuration file. Please paste copied password below timeout line and save it and exit. For example, Enter the line password –md5 <add the copied md5 string from step 1> above.
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/sda3
# initrd /initrd-[generic-]version.img
#boot=/dev/sda
default=0
timeout=5
password --md5 $1$TNUb/1$TwroGJn4eCd4xsYeGiBYq.
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.32-279.5.2.el6.i686)
root (hd0,0)
kernel /vmlinuz-2.6.32-279.5.2.el6.i686 ro root=UUID=d06b9517-8bb3-44db-b8c5-7710e183edb7 rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us crashkernel=auto rhgb quiet
initrd /initramfs-2.6.32-279.5.2.el6.i686.img
title centos (2.6.32-71.el6.i686)
root (hd0,0)
kernel /vmlinuz-2.6.32-71.el6.i686 ro root=UUID=d06b9517-8bb3-44db-b8c5-7710e183edb7 rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us crashkernel=auto rhgb quiet
initrd /initramfs-2.6.32-71.el6.i686.img
VerificationTo verify we need to reboot system and try it pressing ‘p‘ to enter password to unlock as shown below: