It is effortless to change the root password of the Linux system. And, a person who has access to the Server can easily do this. So, this is necessary to protect the setting changes on the server startup. If you want to protect the startup changes, then you have to set a GRUB password. Here, I am going to guide you with the process of how to set a GRUB2 password. It is straightforward, you just have followed a few steps and some commands. So let’s begin to set the grub2 password.
Generating the grub2 password
Step 1: First we are going to generate a password, type the below command
grub2-mkpasswd-pbkdf2
When you type the above command, it will ask for a password that you want to put for GRUB. Type the password which you want. It will generate the hash of your password which you can see in the below picture, I have covered it with the green line. You have to copy it.
Editing the grub configuration file
Step 2: Now we are going to open the configuration file, so we can set up the password, I am going to open it with vim text editor but you can use vi or any other text editors.
vim /etc/grub.d/10_linux
After opening this file go to the end of the file, and type below lines as it is and change the user name as the places I have highlighted with red, which you want to give and make sure that user has been created in this server system and put the password at the place after username which I have highlighted with light green.
cat << EOF
set superusers=“sahil”
password_pbkdf2 sahil grub.pbkdf2.sha512.10000.0B2A68B3398E72BEF2FF6FD978CA387E718630B853F5FB6B91FB2C4744C30D42EC6774237B82922ADA20A458D083C04BFB2C2391A2335B5B9D51D489916D67A4.F6467176A88E6322BC61A4F2A32D9B28AE74E27930B1E5BA61290BAA1DA5F161756DAA44952F8D138445AEE97FA1B386BDA59747BC68EE06B761454C66E23B6D
EOF
Step 3: Save the file
Taking the backup of the configuration file
Step 4: Before making these changes effect, we are going to take the backup of the main configuration file with the below command.
cp -p /boot/grub2/grub.cfg /boot/grub2/grub.cfg.bak
Note: The above command will create a backup of the configuration file so in case you get any problem we can try to fix it with the old backup file.
Implementing the changes of grub file
Step 5: Now we’ll make this change to work so we’ll run below command.
grub2-mkconfig -o /boot/grub2/grub.cfg
If you want to check the difference between the original backup file which we have taken earlier and new changes, you can use the below command.
diff /boot/grub2/grub.cfg /boot/grub2/grub.cfg.bak
That’s it, now you can restart the system, and at boot menus option try to press e for edit the system settings and it will ask for username and password.
Conclusion
In this tutorial, you learned about how to set a grub password. This is a very important step to secure your Linux server or computer. I hope, you understand but if you have any questions, you can ask in the comment section.
Also, you can further learn about
