Cent OS 7 and most other Linux distributions use the GRUB2 boot loader. This guide shows you How to set the grub password in CentOS 7 and test it. The GRUB Menu can be protected by a password and this guide shows you how to set the grub password in CentOS 7.
What is GRUB2?
This menu shows you all the installed it was first invented by Sir Erich Stefan Boleyn in the year 1995. GRUB2 bootloader is used to load the kernel and the kernel loads the Operating System, In short GRUB is the Module which is used to start the Operating System.
These 4-steps are how to set the grub password in CentOS 7:
- Create an Encrypted Password using grub2-mkpasswd-pbkdf2
- Define Encrypted Password in /etc/grub.d/40_custom
- Refresh /boot/grub2/grub.cfg by grub2-mkconfig -o /boot/grub2/grub.cfg
- Test new password on Boot
Detailed Steps on setting the grub password in CentOS 7
Create an Encrypted Password
Create a password using the grub2-mkpasswd-pbkdf2 command:
Add the Encrypted Password to the Custom Configuration File
Make a copy of the text after your password is, we could add this directly in the main configuration file grub.cfg, but it is recommended not to edit directly so we put it into the /etc/grub.d/40_custom file it is good practice to make a backup copy of the file in case.
Then we can add that password into the /etc/grub.d/40_custom file:
Update the grub.cfg File
Now we have added a new line into the grub file we need to refresh the grub.cfg file by using grub2-mkconfig command, and it is good practise to make a backup of grub.cfg file in case.
An then run the grub2-mkconfig to update grub.cfg file:
We can confirm our password has been added into the GRUB2 Bootloader by cating the grub.cfg file:
Testing the password
Reboot the system
During the boot process hit SPACE BAR at the GUB menu and hit e to edit the GRUB.
Enter in your Username and Password you defined before:
If the password works you will be able to edit the GRUB2 line entry as per screenshot:
So that is how we can protect the GRUB2 Bootloader in CentOS 7.