HomePC relatedHow to secure Grub 2 in Fedora Linux

How to secure Grub 2 in Fedora Linux

James Japan avatarPosted on by  

This is an technical article that only Linux users would understand and appreciate.

I like to secure the Grub boot loader to make it harder for anybody but me to get root access to my PC by either a cold startup, or rebooting the system. Grub version 1 had a password option. It was easily implemented by editing the grub.conf configuration file and adding the password option data. But in Fedora 16, Grub version 2 has replaced Grub 1, and Grub 2 doesn’t seem to have a password option. At least I haven’t figured it out yet. Moreover, Grub 2 makes it even more apparent how to get root access because it gives a system recovery option for each kernel version!

I learned by chance that changing the default Grub time out to 0 in Grub 2 prevents the Grub startup screen from showing even when purposely trying to show it by hitting the ESC key! Grub 1 did show the Grub options screen when hitting ESC just before booting the kernel even though its time out was set to 0, but Grub 2 does not show the Grub options when its time out is set to 0 no matter how many times I hit the ESC key, and even after repeated attempts!

Disclaimer: Do this at your own risk! Fedora does not recommend it because you have no option to use the previous kernel if a kernel update fails! However you can still use the recovery option from the installation DVD — if you know what you’re doing.

To change the default time out in Grub 2, from Terminal log in as a super user with the su command, and with your favorite editor load the /etc/default/grub file. I used Leafpad:

# leafpad /etc/default/grub

The first line has: GRUB_TIMEOUT=10
I changed the 10 to zero: GRUB_TIMEOUT=0

Next save the file, exit the editor and run the following command:

# grub2-mkconfig -o /boot/grub2/grub.cfg

Next time you boot your PC, you should not see the Grub screen again. Though you don’t have recovery options from the startup screen anymore, you can still use your Fedora installation disk for system recovery if you need to.

image_pdfDownload a PDF file of this article.

Related posts:

Fixing LDXE Shutdown Menu after Upgrading from Fedora 17 to 18January 21, 2013
How to Install Elementary Pantheon Desktop on FedoraJanuary 17, 2018
Using Gnome ShellMarch 1, 2010
Upgrade to Fedora 12 betaNovember 2, 2009
Beware of False Virus Popup Reports from Internet PagesSeptember 5, 2009
How to reinstall Windows on a Notebook PC with no CD / DVD driveJanuary 29, 2011
Move from Fedora 17 to Linux Mint DebianNovember 13, 2012
Helping friends migrate from Windows to LinuxJanuary 15, 2013
A Method to Retrieve Data From a Failing Hard DiskJanuary 18, 2018
The best way to safeguard your PC from bugs and virusesFebruary 12, 2009
Please follow and like us:
error
fb-share-icon
Tweet
fb-share-icon
(Visited 70 times, 1 visits today)
Posted in PC related Tagged , , , permalink

About James Arendt

I was raised in the Hegewisch neighborhood of Chicago, Illinois, served in the USAF from 1970 to 1974, honorably discharged and became a full-time evangelist for Christ living 40 years in Japan, 3.5 years in Russia, and a few months in other countries such as Finland, Poland, Estonia, Latvia, South Korea, Taiwan and mainland China where I also served the King of Kings, Jesus, as an Ambassador for His Kingdom. My full bio.

If you like this article and my work on this website, you can show your appreciation by sending me a gift through PayPal by clicking on the donate button. This website and my daily work on it adding new articles is because of faithful followers of Jesus Christ whose hearts the Lord touched to send us a gift towards our support. I'm now 74 and get only a small social security pension from the US government because I worked only 10 years under the Social Security system.

Either create or log into your PayPal account and send your gift to:
james.arendt@jamesjpn.net
Please click on the option "Friends and Family" before sending or I will not receive it.

Comments

How to secure Grub 2 in Fedora Linux — No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

HTML tags allowed in your comment: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

James Japan