Passwords and Encryption

Command Line – GRUB 2

© Lead Image © Sergey Nivens, 123RF.com

© Lead Image © Sergey Nivens, 123RF.com

Article from Issue 219/2019
Author(s):

More than just a boot manager, GRUB 2 can help you add another line of protection to your security defenses.

A boot manager is almost as much of the Linux tradition as compiling a custom kernel. Traditionally, a boot manager has been used for choosing a kernel to start and for running multiple operating systems on a single computer. However, at a time when everybody is becoming security conscious, few are aware that GRUB 2, the most popular boot manager, is also capable of using passwords and encryption to provide another level of security [1]. Admittedly, GRUB 2 security is not enough by itself, but it is still worth adding to your in-depth defenses.

GRUB 2 has existed for well over a decade and is rapidly replacing GRUB Legacy, the original version of the boot manager, especially in major distributions. As a result, its basic operation and traditional uses are reasonably well-known. However, before I dive into setting up passwords and encryption, a quick overview is useful, both as a reminder and as an introduction for those who might be still using GRUB Legacy or another boot manager, like the now discontinued LILO.

GRUB 2 has configuration files in several places. The first is the /boot/grub/ directory, which contains grub.cfg, the main configuration file. However, unlike GRUB Legacy, the main configuration file is not edited directly. Neither are the config files for each menu item that are stored in /boot. Instead, GRUB 2 is updated automatically when a kernel is added or deleted from the system or when the user runs the command update-grub, which creates the menu list of available kernels and operating systems. Resources such as the background image are also generally stored in /boot/grub/, although they can be stored in another path.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • GRUB 2 Editor
  • Grub Customizer

    Is the simple black and white GRUB menu causing confusion and obscuring important choices? Why not customize with GRUB themes and the Grub Customizer?

  • Ask Klaus!

    Klaus Knopper is the creator of Knoppix and co-founder of LinuxTag expo. He currently works as a teacher, programmer, and consultant. If you have a configuration problem, or if you just want to learn more about how Linux works, send your questions to: klaus@linux-magazine.com

  • Rescatux Rescue Disk

    If your computer fails to boot, you need a helping hand. Rescatux combines proven repair and rescue tools.

  • Configuring Dual Boot

    When two systems share a single computer, a boot manager handles the prompts that determine which system to boot. We’ll show you several multiple boot scenarios and describe how to set up your system for dual booting Linux with Windows.

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95

News