grub2 开始支持开机密码功能

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477092

http://grub.enbug.org/Authentication 密码相关配置文件格式

引用:

Basic authentication support has been merged in SVN trunk revision 2529 (2009-08-25)

Example grub.cfg snippet:

代码:

set superusers="user1"

password user1 password1

password user2 password2



menuentry "GNU/Linux" {

        set root=(hd0,1)

        linux /vmlinuz

}



menuentry "Windows" --users user2 {

        set root=(hd0,2)

        chainloader +1

}

Superusers must be set to enable authentication support.

Every superuser can go to commandline, edit menu entrys and execute all menu entrys.

GNU/Linux can be booted by any user.

Windows can be only booted by user2 and user1 who is a superuser.

password command only supports unencrypted plain text passwords.

http://grub.enbug.org/

引用:

2009-09-12 GRUB 1.97~beta3 was released. grub-1.97~beta3.tar.gz

2009-09-04 GRUB 1.97~beta2 was released. grub-1.97~beta2.tar.gz

2009-08-30 GRUB 1.97~beta1 was released. grub-1.97~beta1.tar.gz

从时间上看当前版本 1.97~beta* 貌似已支持开机密码。

另一方面，ubuntu 那帮家伙忒猴急，把一个一个安全问题推送给他们的用户。

用虚拟机试了下，配置中需要添加下面红色部分，

superusers=""，引号可选，非必要，

使用明文密码，貌似暂不支持 grub 方式 md5 密码，

qemu 没问题，kvm 下键盘失效(可能是偶这里 kvm-70 版本太低所致)

代码:

insmod password

set superusers=user1

password user1 password1