Grub Password-protection

Password-protecting Grub may be necessary if the BIOS doesn’t have password support and you could be in a better environment.

Decide what the password is going to be and don’t forget it ;). To encrypt a password to put in your grub configuration file, use:

$ grub-md5-crypt
Password:
Retype password:
$1$ZOGor$GABXUQ/hnzns/d5JYqqjw

Type in the password twice and copy the md5 encrypted password to /boot/grub/menu.lst:

# /boot/grub/menu.lst
password –md5 $1$ZOGor$GABXUQ/hnzns/d5JYqqjw

The password line must be on one of the first few lines of the menu.lst file. If there are a lot of comments at the beginning of the grub.conf file don’t try to put it after them or it won’t work either. Also, take out the timeout value if you have one as it can sometimes cause problems.

Now each boot entry much be told to be locked if you want it to be:

title Linux 2.6.27
lock
root (hd0,4)
kernel /boot/kernel-2.6.27 root=/dev/sda5

Tallyho!