VMware Cloud Community
fcapizzo
Enthusiast
Enthusiast
Jump to solution

Setting up a grub password

I'm following the VI3 Security Hardening Guide which mentions setting a grub password. At a console sessions (I've done this both at the physical console of the server and via a remote PuTTY session) I type grub, then md5crypt. I type in a password and it outputs an encrypted version of the password. I then edit /boot/grub/grub.conf and add the following line:

password -md5 $1$LqZYD$068nHGYkR9sc6m1G/lpGnx

Upon rebooting the ESX host, I'm prompted to hit 'p' at the grub loader to enter the password. I've tried the password several times, and I'm (literally) met with a "Failure!" message. I've run md5crypt several times and have pasted other encrypted passwords into the grub.conf file, all with no success. And yes, I'm 100% sure I used the same password I used when running the md5crypt command.

Anyone know what I'm doing incorrectly?

0 Kudos
1 Solution

Accepted Solutions
virtualdud3
Expert
Expert
Jump to solution

Try adding:

password --md5 $1$LqZYD$068nHGYkR9sc6m1G/lpGnx

(with two "-"'s before the md5)




###############

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!

############### Under no circumstances are you to award me any points. Thanks!!!

View solution in original post

0 Kudos
4 Replies
Texiwill
Leadership
Leadership
Jump to solution

Hello,

How complex is your password? Are you using multibyte characters or any special characters or characters outside the range of the standard alphanumeric and punctionation? Are you sure you are grabbing everything when you cut-n-paste? Granted it should be able to handle this, but always check.

I use a script to put mine in place it goes like this, where /tmp/grub.conf; mv /tmp/grub.conf /boot/grub/grub.conf

Best regards,

Edward L. Haletky, author of the forthcoming 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', publishing January 2008, (c) 2008 Pearson Education. Available on Rough Cuts at http://safari.informit.com/9780132302074

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
virtualdud3
Expert
Expert
Jump to solution

Try adding:

password --md5 $1$LqZYD$068nHGYkR9sc6m1G/lpGnx

(with two "-"'s before the md5)




###############

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!

############### Under no circumstances are you to award me any points. Thanks!!!
0 Kudos
fcapizzo
Enthusiast
Enthusiast
Jump to solution

It was that extra dash "-" that killed me. Extra dash added, grub likes me. Thanks!

0 Kudos
virtualdud3
Expert
Expert
Jump to solution

Glad to help. Man, if only I had a nickel for every time the presence/lack of a "-" has bitten me in the caboose!!!



###############

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!

############### Under no circumstances are you to award me any points. Thanks!!!
0 Kudos