AdSense

Friday, September 1, 2017

1 - Linux Security: protecting the GRUB with authentication


PROTECTING THE GRUB WITH AUTHENTICATION

- In this exercise a Linux Debian server is used:





1 - Introduction

- GNU GRUB (GRand Unified Bootloader) is a boot loader package from the GNU Project. 

- GRUB provides a user the choice to boot one of multiple operating systems installed on a computer or select a specific kernel configuration available on a particular operating system's partitions.

- For further information:

https://en.wikipedia.org/wiki/GNU_GRUB

- The goal of this exercise is to protect the GRUB by setting authentication (user and password) before having access to the system.


2 - Setting a superuser and a password for GRUB

- Going to the directory /etc/grub.d:




- The command grub-mkpasswd-pbkdf2 requires to enter a password and its corresponding sha512 hash is generated:





- Editing 40_custom the user roch is set as a superuser and the password hash is included:





- Updating the GRUB:




3 - Testing the GRUB authentication

- Once the server is rebooted and clicked any of the options:




- Authentication for the superuser roch is required to give access to the system: