Passwords and Encryption
Defense in Depth
Since GRUB 2 passwords can be so easily circumvented, you might wonder if they are worth setting up, especially when one mistake can lock you out of your system and require awkward recovery time. It is true that depending only on GRUB 2's own security would provide weak protection. However, a basic principle of security is defense in depth.
Simply put, defense in depth means setting up as many security measures as possible. If one measure fails to stop an intruder, another one will. Moreover, if a security measure requires a time-consuming workaround, then an intruder has to be strongly motivated to persist, especially if there is a chance that other measures also have to be circumvented. In other words, some defenses are simply not worth the time to penetrate.
I would put GRUB 2's passwords and encryption into this second category. Their value lies less in absolute security than in their nuisance value for intruders and their role as only one of a number of defenses. If you doubt that, make a deliberate mistake in your GRUB 2 configuration and try to recover from it. Even if you know exactly what to do, you may still resent the loss of time. At that moment, you will understand why even relatively weak security can still be part of your defenses.
However, if you want truly strong encryption, encrypt the /boot
partition during installation; then, set up GRUB 2 following the concise instructions on the Debian wiki [4]. The instructions assume a higher degree of expertise than is required to edit GRUB 2 files, which is why I have not detailed them here.
Infos
- GRUB 2: https://www.gnu.org/software/grub/
- /etc/default/grub fields: https://help.ubuntu.com/community/Grub2/Setup#User_Settings:_.2Fetc.2Fdefault.2Fgrub
- Sample /etc/grub.d files: https://www.apt-browse.org/browse/ubuntu/trusty/main/i386/grub-common/2.02~beta2-9/file/etc/grub.d/
- GRUB 2 and encrypted boot: https://wiki.debian.org/Grub2#Configure_encrypted_.2Fboot
« Previous 1 2
Buy this article as PDF
(incl. VAT)