Linux启动引导加密是提高Linux安全性的一种措施,这里以RedHat Linux为例来进行Linux启动引导加密的设置,实验是提高我们技术的一种手段,我们一定要亲手试一试这种方法,完成技术的学习。
让linux启动引导加密方法
#vi /boot/grub/grub.conf
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/sda2
# initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=10
splashimage=(hd0,0)/grub/splash.xpm.gz
title Red Hat Linux (2.4.18-3)
password 12345678
root (hd0,0)
kernel /vmlinuz-2.4.18-3 ro root=/dev/sda2
initrd /initrd-2.4.18-3.img
~
~
"/boot/grub/grub.conf" 17L, 569C written
[root@localhost root]# reboot
现以上提示输入:12345678
系统才可以引导
注意:远程勿试!
以密文方式
[root@localhost root]# grub-md5-crypt
Password:
$1$jQORq$BbVuVrnQ60b87FlXP/aau/
[root@localhost root]# vi /boot/grub/grub.conf
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/sda2
# initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=10
splashimage=(hd0,0)/grub/splash.xpm.gz
title Red Hat Linux (2.4.18-3)
password --md5 $1$jQORq$BbVuVrnQ60b87FlXP/aau/
root (hd0,0)
kernel /vmlinuz-2.4.18-3 ro root=/dev/sda2
initrd /initrd-2.4.18-3.img
~
~
"/boot/grub/grub.conf" 17L, 598C written
[root@localhost root]# reboot
这里就进行了Linux启动引导加密的设置。
【编辑推荐】
