To prevent users from editing by pressing “ e ” at boot time, we can set a password at boot time. At the command prompt write :

#  grub-md5-crypt

It will ask you to enter the password twice. Use any password you would like to use and after that it generates the MD5 hash of that password.

Copy that MD5 hash and open grub.conf :

#  vi  /etc/grub.conf

In grub.conf, below the line of splashimage i.e. splashimage=(hd0,0)/grub/splash.xpm.gz write like this :

password  —-md5  [your hash]

The right hand side of splashimage can change in your case, so watch it. Doing the above step prevents the users from editing at boot time, generally done to go to run level 1 to change the passwords.

To set a Boot time password,  follow the above steps but this time you have to paste your hash below the title line i.e. title Red Hat Enterprise Linux Server (2.6.18-194.el5).

With this every time your Linux system boots up it will ask you for the password. You can do this for other installations also in your system, just add the hash below title line of every OS entry in your grub.conf .

Reboot your system and see the results.

Advertisements