To provide an appropriate level of security, configure boot loader authentication on your VMware virtual appliances.
If the system's boot loader requires no authentication, users with system console access can alter the system boot configuration or boot the system into single user or maintenance mode, which can result in denial of service or unauthorized system access. Because boot loader authentication is not set by default on the VMware virtual appliances, you must create a GRUB password to configure it.
- Verify whether a boot password exists by locating the
password --md5 <password-hash>line in the /boot/grub/menu.lst file on your virtual appliances.
- If no password exists, run the
# /usr/sbin/grub-md5-cryptcommand on your virtual appliance.
An MD5 password is generated, and the command supplies the md5 hash output.
- Append the password to the menu.lst file by running the
# password --md5 <hash from grub-md5-crypt>command.