|In a previous article, I wrote about dropping to a recovery console to be able to add oneself back to the admin group. This is a great feature of Ubuntu because, after all, mistakes happen and one should be able to recover from them without too much difficulty. You’ll see that even enterprise-class routers and switches have a “reset button” allowing you root access to the device without a password. However, the concept of a recovery console on an easily-accessed machine like an office desktop or laptop that isn’t password-protected is none too reassuring. This article provides a quick how-to on password-protection of a grub entry.
As a preamble, here’s a link to a great how-to on grub passwords:
I don’t just like providing links to articles though. Nothing pains me more than bookmarking a great article only to have it disappear off the face of the planet. I’ve lost too many good how-to’s this way; so here’s my summary of the procedure:
You should password-protect every recovery mode block, in the very least: at the end of each recovery mode block, add the line ‘password –md5 <the password hash that you generated in step 1>’ (no quotes here, either). For instance:
Save menu.lst and reboot your machine!