How do I secure GRUB with a SHA-2 hashed password in RHEL6?
Issue
- How do I set or reset a GRUB password?
- How do I lock down GRUB to prevent people modifying the kernel boot parameters?
- For years the grub-md5-crypt program has been available to generate MD5-hashed passwords for locking down GRUB, but now that MD5 is widely-considered broken (and is of course not FIPS-approved), how can SHA-256 or SHA-512 passwords be used with GRUB?
Environment
- Red Hat Enterprise Linux 6
- grub-0.97-70.el6 or higher
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
