quick-docs/modules/ROOT/partialsdelete/2delete-proc_setting-password-for-interactive-edit-mode.adoc

[[setting-password-for-interactive-edit-mode]]
= Setting a password for interactive edit mode

If you wish to protect the *GRUB2* interactive edit mode with a password, but allow ordinary users to boot the computer, you have to create a definition file where you set up this functionality: 

.Procedure

. Create the `/etc/grub.d/01_users` file and write the following lines into the file.
+
----
set superusers="root"
export superusers
password root <password>
----

. Regenerate the *GRUB2* configuration file and reinstall the bootloader into the MBR, as described in xref:adding-other-operating-systems-grub2[Adding other operating systems to the *GRUB2* menu].


.More information

You can encrypt the password by using *pbkdf2*. Use `grub2-mkpasswd-pbkdf2` to encrypt the password, then replace the password line with:

----
password_pbkdf2 root grub.pbkdf2.sha512.10000.1B4BD9B60DE889A4C50AA9458C4044CBE129C9607B6231783F7E4E7191D8254C0732F4255178E2677BBE27D03186E44815EEFBAD82737D81C87F5D24313DDDE7.E9AEB53A46A16F30735E2558100D8340049A719474AEEE7E3F44C9C5201E2CA82221DCF2A12C39112A701292BF4AA071EB13E5EC8C8C84CC4B1A83304EA10F74
----

More details can be found at https://help.ubuntu.com/community/Grub2/Passwords[Ubuntu Help: GRUB2 Passwords].

[NOTE]
====
Starting from Fedora 21, the `--md5pass` kickstart option must be used when using the `grub2-mkpasswd-pbkdf2` command.
====
Update grub2.adoc * Edit original content * Add new content * Fix asciidoc markup * Modularize 2017-12-13 11:45:40 +00:00			`[[setting-password-for-interactive-edit-mode]]`
Fixed Bootloading w/ Grub. 2018-01-20 17:59:12 +00:00			`= Setting a password for interactive edit mode`
Update grub2.adoc * Edit original content * Add new content * Fix asciidoc markup * Modularize 2017-12-13 11:45:40 +00:00
			`If you wish to protect the GRUB2 interactive edit mode with a password, but allow ordinary users to boot the computer, you have to create a definition file where you set up this functionality:`

			`.Procedure`

			. Create the `/etc/grub.d/01_users` file and write the following lines into the file.
			`+`
			`----`
			`set superusers="root"`
			`export superusers`
			`password root <password>`
			`----`

			`. Regenerate the GRUB2 configuration file and reinstall the bootloader into the MBR, as described in xref:adding-other-operating-systems-grub2[Adding other operating systems to the GRUB2 menu].`


			`.More information`

Fixed Bootloading w/ Grub. 2018-01-20 17:59:12 +00:00			You can encrypt the password by using pbkdf2. Use `grub2-mkpasswd-pbkdf2` to encrypt the password, then replace the password line with:
Update grub2.adoc * Edit original content * Add new content * Fix asciidoc markup * Modularize 2017-12-13 11:45:40 +00:00
			`----`
			`password_pbkdf2 root grub.pbkdf2.sha512.10000.1B4BD9B60DE889A4C50AA9458C4044CBE129C9607B6231783F7E4E7191D8254C0732F4255178E2677BBE27D03186E44815EEFBAD82737D81C87F5D24313DDDE7.E9AEB53A46A16F30735E2558100D8340049A719474AEEE7E3F44C9C5201E2CA82221DCF2A12C39112A701292BF4AA071EB13E5EC8C8C84CC4B1A83304EA10F74`
			`----`

Fixed Bootloading w/ Grub. 2018-01-20 17:59:12 +00:00			`More details can be found at https://help.ubuntu.com/community/Grub2/Passwords[Ubuntu Help: GRUB2 Passwords].`
Update grub2.adoc * Edit original content * Add new content * Fix asciidoc markup * Modularize 2017-12-13 11:45:40 +00:00
			`[NOTE]`
			`====`
			Starting from Fedora 21, the `--md5pass` kickstart option must be used when using the `grub2-mkpasswd-pbkdf2` command.
			`====`