Page MenuHomePhabricator

grub boot password
Open, NormalPublic

Description

  • password for specific boot menu entries (recovery mode)
  • password for changing kernel command line or manual boot commands

This could either be an installer option or be prompted after first boot.

Implementation:

grub-mkpasswd-pbkdf2 can create the password hash.

Create a file /etc/grub.d/02_password:

contents:

#!/bin/sh
cat << EOF
set superusers="user"
password_pbkdf2 user grub.pbkdf2.sha512.10000.59212648B05E3BC4D862681E83480B1EBC0D4715A3EB382FA38AD6F55CDD2F742A02B9B3E885897B2698FDF3966CD2E75CF5992FD045305D88FD1D30F0DD6114.D532492BB61F378E932BB66FF49217805574850E09B53D9A5EB2CC1006544CE8B32F4644DBD4E59CFC26FECA8C7A0162305F4DD0C8BE200D81619BF96951615D
EOF

Details

Impact
Normal

Event Timeline

Patrick triaged this task as Normal priority.Dec 5 2019, 3:22 PM
Patrick created this task.
Patrick updated the task description. (Show Details)Dec 5 2019, 3:35 PM