Ubuntu Security :: How To Prevent Grub Command-line Boots
May 18, 2011
The ability to manually boot using the Grub command-line constitutes a big security risk in Linux, IMO.Any OS can be booted in this manner from a PXE-LAN, USB, or CD/DVD drive, circumventing BIOS-imposed boot restrictions. (Once a foreign OS is booted, of course, it can be used to access any part of an unencrypted hard drive.) Placing passwords or locking menu items (in the Grub configuration files) does not prevent a user from booting manually using commands entered at the grub command-line.
As it stands now, when presented with the Grub menu (or after bringing up a hidden Grub menu with the "ESC" key), a user only needs to hit "c" to enter the Grub command-line mode to facilitate any type of bootup whatsoever. (They can then enter manually the Grub commands to boot an OS on any device.) This is extremely insecure and allows any passerby to boot the computer with a few keystrokes and a bootable USB drive. How do I configure Grub so that it will require a password in order to enter the command-line mode (and thereby restrict boot options to the menu, which can then be password protected/locked) ?
View 8 Replies
ADVERTISEMENT
Jan 20, 2010
I used the Wubi installer to install the latest version (available from the website) on my second physical HDD. I rebooted my machine and used the Windows 7 bootloader to launch Ubuntu and it launched a GUI install. I wasn't sure how long it was going to take, so I left for about a half hour and when I returned I was back to my Windows 7 logon screen. Naturally, I assumed the install was a success and I rebooted my machine. When I boot again I get the Windows bootloader and I see my options for Windows 7 (which works properly) or Ubuntu. However, if I select Ubuntu I am brought to a command-line and there is an output at the top of the screen stating "Grub bootloader." At this point do I need to type anything to launch the GUI (I'm assuming Gnome) from this? How should I proceed from this point, reinstall?
View 9 Replies
View Related
Mar 4, 2011
After installing the 10.10 Maverick Meerkat, I decided to have a new partition and install Windows 7 on it for development purposes. So this is the method I worked with:
Partitioned the hard disk with gparted
Formatted the drive in NTFS
Installed Windows
Booted into Ubuntu 10.10 Live CD and re-installed grub on the MBR Now after restarting the system a grub command line boots up. I was able to boot into ubuntu with the following commands:
Code:
find /vmlinuz
kernel /vmlinuz root=/dev/hda1 (or its equivalent)
initrd /initrd
boot
Is there any way how to load up the grub GUI with the options to boot up Ubuntu or Windows 7 respectively?
View 9 Replies
View Related
May 16, 2010
I just installed Windows 7 and it erased my Grub bootloader. I followed this tutorial: URL...And now when my computer starts up it goes to the Grub prompt: Code: grub>I guess I did not do the right partition but I'm having a lot of trouble getting it back to how it was where my computer at least loaded the Windows 7 loader.
View 1 Replies
View Related
May 2, 2015
I wanted to install Debian 8.0 on my second hdd in my UEFI machine, but when I choose UEFI boot from USB, GRUB command line appears, and I cannot boot up the setup. I used Rufus to create the bootable USB stick, using the amd64 kde CD image. I tried several images and I deleted the Linux and Efi partitions from previous installation of Ubuntu . Also I deleted GRUB from the Windows 7 Efi partition.
In the UEFI setup fast boot and secure boot are disabled, and I don't seem to have the option to boot in legacy mode, if I choose the simple USB boot option (without "UEFI" in front) I get "please insert correct boot media, and press any key or reboot". I couldn't manually boot from GRUB command line, because it is showing that all the drives are empty, and if I type "boot" I get "please load the kernel first".
View 2 Replies
View Related
Sep 2, 2010
I installed Ubuntu 10.04 via CD and am currently dual booting it with Windows 7. I have a Sony Vaio VPCEA laptop if that matters. After installing Ubuntu, I'm not seeing the GUI when it boots. It will only go to the command line. Worst of all, it's not responding to the "startx" command. That was working last night... not now. Anyway, all I want is the see the GUI on startup. I want to see the splash screen, then the GUI. Very simple. How to do this?
View 9 Replies
View Related
May 19, 2010
turns out this was a result of a failing PSU. has since been replaced.
View 6 Replies
View Related
Sep 2, 2009
A failed upgrade, from disk images, of Fedora 10 to 11 resulted in no GRUB bootloader main menu appearing on bootup (no WIN, no LINUX choices from which to boot). I am booted directly into the GRUB command shell...so, no WIN, no LINUX, nothing. And my understanding of GRUB shell commands is very low.I have 2 hard disks, WIN on the first, LINUX on the second. I believe GRUB Bootloader is on the first disk.Sadly, I have no external install media.An old grub.conf hardcopy indicates that root =/dev/sdb2, root (hd1,0), kernel /vmlinuz....olderversion...(relative to /boot),initrd /initrd...olderversion... (relative to boot). and WINDOWS on (hd0,1), with chainloader +1
I need to somehow get past this grub shell, and re-install/re-instate the grub bootloader, so it can boot normally.What grub command(s) must I use? I've played around with the commands, but with no success.I worry that if I can't resolve this, the whole machine may be useless.
View 9 Replies
View Related
May 6, 2010
I clicked on the upgrade to LTS 10.04 option on my Asus 901 EEE PC and after completion it will only boot straight to command line...I would like to get back to the UNR Gui.
View 2 Replies
View Related
Aug 12, 2010
Occasionally Lucid boots to what I can only describe as a command line desktop-ie the whole screen is like a terminal, theres no GUI, have to restart by hitting the power button. Is there anyway I can stop it, or start the GUI from there?
View 4 Replies
View Related
Feb 21, 2011
I decided to dual boot install Ubuntu with my Windows 7. After a lot of hair pulling, i finally managed to boot the live cd environment with "nomodeset". From there i installed ubuntu. When it finished installing, i booted to the new ubuntu install only to be presented with a command line login. If i change the boot line from "quiet splash" to "nomodeset", i can coax ubuntu to boot in low graphics mode. However this is not a permanent fix, and doing so causes a 2 inch offest of the screen on the right hand side. Only the have the missing 2 inches appear on the left side. If from the "Ubuntu is running in low graphics mode" message, i select "console login", and type "startx" i just comes out with "X Server Fatal error- No Screens found". I also tried:
Code:
But it still didn't help. I'm running out if ideas here, can anyone point me in the right direction?
This is a cd that i got free from Canonical themselves. It's Ubuntu 10.04 LTS, and I have Intel Integrated Graphics.
View 1 Replies
View Related
Mar 7, 2011
I successfully installed 10.10 dual booting with Win 7.Today I booted into Win7 and Windows insisted on running checkdisk. After about 10 minutes Windows booted. I then rebooted into Ubuntu. Unfortunately Ubuntu only boots into the command line now. Being very new to Linux I don't have any idea how to fix this.
View 2 Replies
View Related
Apr 29, 2011
I did a dist-upgrade this morning, and now every time I boot, it only goes to the command line login prompt.
Attempting to stop and restart gdm does nothing besides make the screen shake for a second, and I've installed all available video drivers from Available Drivers, and the ones from nvidia's website.
I am, however, able to boot into recovery mode and then select failsafe graphics mode, and get into the desktop.
Any ideas how I can get my normal boot to work?
View 1 Replies
View Related
Nov 20, 2010
my Setup is Fedora 14 x64 + radeon hd 4830 i've downloaded .run package from ati site with latest driver for x64 systems. installed it, but didn't edited grub.conf becouse i didn't understood anything there (probably didn't spent enough time to get things understand) Now i've lost possibility to enter my Fedora system. during boot it lost it's modern blue boot screen (with filling drop), it was replaced by standard old boot screen with triple-color stripe. after this boot screen monitor start blinking going on and off. and on last step i'm getting "Fedora 14 boot bla bla bla something" on screen. nothing works except Ctrl+Alt+Delete. system reboots showing successful daemons shutting sequence. How can i edit grub menu from initial grub screen is it possible to it's own 'e' option or 'c' from grub command line?
View 4 Replies
View Related
Mar 9, 2011
Has anyone tried encrypting the boot partition to prevent the kernel from being modified. Iv tried following this but I'm running into issues when building. [URL] Im using the source from bzr checkout [URL] Last time I tried I screwed grub and it wouldnt boot.
View 9 Replies
View Related
Jan 21, 2011
I updated the kernel to 2.6.35.10-74.fc14.x86_64 and had to reinstall and rebuild the kernel module for my ATi driver as usual, so I edited the kernel arguments at the grub splash screen so that I could boot into single user mode and install the driver (i.e appending the relevant line with '1'). The interesting thing is, the system booted directly into single user mode as root when the system started up. No password was required.
View 6 Replies
View Related
Jun 2, 2010
Can I use the grub command line to reinstall grub from a ubuntu cd?
View 1 Replies
View Related
Jan 26, 2010
I had linux installed on dell latitude d600, I did fdisk and deleted the OS so I can install Xp. When I try to boot from the Window xp cd , I get LINUX grub command line . " grub>" and can't do anything.I need window installed ASAP for a class that I am taking .
View 2 Replies
View Related
Dec 1, 2010
Code:
grub-install -v
grub-install (GNU GRUB 0.97)
I loaded GRUB, and now when I reboot it goes straight into the 'grub>' command line. Initially GRUB had the root as (hd0,2), whereas the boot is on (hd0,1)...(hd0,2) is my '/home' partition, and (hd0,1) is my '/' partition... So on a bootup I ran...
Code:
root (hd0,1)
setup (hd0)
Now when I boot I still get the 'grub>' command line, but now the root is correct.
From 'grub>' I can type...
Code:
grub> configfile /boot/grub/menu.lst
GRUB will then show the menu, and I can click the listings to load them. All's fine, but why doesn't GRUB just load the menu.lst without my prompting? How can I automate this process of typing 'configfile /boot/grub/menu.lst' each time I boot?
View 1 Replies
View Related
Apr 1, 2010
I was having so much trouble with ubuntu 8.04 that I deleted off my computer and did a fresh install of 9.10. I downloaded the 64 bit iso from the internet, burned it to a disc and installed it. When it asked if it should be the server version I thought I said no. Now when I boot it only boots to the server version and all I get is command line. Can I get out of this and get my regular ubuntu screen back or did I install the wrong version?
View 6 Replies
View Related
Mar 10, 2011
I can only boot fedora and red hat on my pc, I like fedora but Im having acpi problems and need to upgrade BIOS, which should be done from windows I hear. So I deleted fedora partition and plan on re-installing after all this.I've used http://www.ultimatebootcd.com/Iboot loads up but than complains of not finding something with acpiI tried knoppix but i think i was suppose to extract before I burned Ill try again if suggestedany ideas on how to get windows up i've tried many windows disc to no success
View 10 Replies
View Related
Mar 26, 2011
I am not familiar with Linix server, I have installed ubuntu server for study purpose. Now I am facing problem when I install openssl from command line. This is the error message:
openssh-server : Depends: libwrap0 (>=7.6-4~) but it is not installable E: Broken packages
View 1 Replies
View Related
Jan 9, 2010
i have successfuly installed ubuntu karmic inside my windows 7. After an update, i restarted it. but it didnt boot ubuntu. instead it shows grub's command line. what should i do? all of my java projects/programs is in there.
View 2 Replies
View Related
May 8, 2011
I'm trying to set up an unprivileged user on some field systems running 11.04 with the standard Gnome shell (rather than Unity), and ideally that user would not have access to the command line. The user can log in through GDM (but not the text consoles) with no password, so I need to provide the absolute minimum of privileges; basically the user should only be able to run one program.
I've already set the /desktop/gnome/lockdown/disable_command_line key with gconf-editor for that user, which successfully disabled the "Run Command" dialog. Unfortunately, even though the description of the key in gconf-editor says "prevents the user from accessing the terminal...", the terminal emulator is still accessible from the Applications menu, and I haven't been able to find a good way of disabling the terminal or removing it from the menu. The only thing that occurs to me is an ugly hack: replace the gnome-terminal binary with another that checks to make sure the user is not the unprivileged one and then starts gnome-terminal.
View 5 Replies
View Related
Dec 18, 2009
with that said i burned fedora 8, 10, and 11 checked the sha1 verified everything was fine i had originally installed fedora 8 on an old pc i had from windows XP without any problems messed with it some, upgraded to 10 again no problems. tired to update 11 got a message about ext3 not found ext4 not found, re installed 10 the loader loads up now i have a blank screen with a cursor it the left hand corner
again i had 10 installed fine prior to all this can any one point me in the right direction to solve this issue or am i way over my head trying to figure this stuff out. i have spent 3 days searching these forums.
i'm just not quite sure what i need to do. oh, i tried to install 8 again and it wouldn't take either. i think the 10 problem has something to do with the graphic driver it's a geforce 7400 nvidia and something to do with the grub, but like i said i get a blinking cursor and not quite sure how to access the grub or command line.
View 3 Replies
View Related
Jan 4, 2011
Does anyone know how to login through command line in grub.
View 14 Replies
View Related
Feb 14, 2010
I just booted into Linux and the Update Manager prompted me to restart. After the restart the GRUB interface I expect to see is no longer there and now it is just a command line that says press tab for more options.I have not got a clue with shell language as I have had no time to learn it as of yet. Do I need to uninstall and reinstall Linux or is there a command that can be typed that boots up the operating system.Even better is there something I can do that can return me to seeing the interface like I was used to.
View 3 Replies
View Related
Sep 29, 2010
I recently updated, and now when I boot it only goes as far as grub command line. There is no grub menu. The computer is a Dell Inspiron 8600 laptop with only Ubuntu installed -- no dual boot, no weird partition schemes. Originally installed Ubuntu 09.04 on this computer, upgraded a couple times and it currently has (had) 10.04.1 LTS running. The update should have upgraded from kernel 2.6.32-23 to 2.6.32-24. I can boot with a live CD and mount the hard drive. The drive seems fine, so it appears to be simply a grub config issue. I have to boot with live cd to get online to check for potential solutions. So I'm taking some notes on how to use grub.
View 4 Replies
View Related
Jan 5, 2011
how to login through cmdline in grub.I tried some of codes but failed.codes were-grub>set root=(hd0, grub> linux /vmlinuz root=/dev/(sda, ro error;no such disk
View 6 Replies
View Related
Apr 30, 2009
I have a bunch of mislabeled files among other things but I'll start with this first. as using the command line to fix this issue.
View 5 Replies
View Related
