The various Linux boot loaders also can have a boot password set.
LILO, for example, has password
and restricted
settings; password
requires password at boot time,
whereas restricted
requires a boot-time password only if you
specify options (such as single
) at the LILO
prompt.
From the lilo.conf man page:
password=password
The per-image option `password=...' (see below) applies to all images.
restricted
The per-image option `restricted' (see below) applies to all images.
password=password
Protect the image by a password.
restricted
A password is only required to boot the image if
parameters are specified on the command line
(e.g. single).
Keep in mind when setting all these passwords that you need to remember them. :) Also remember that these passwords will merely slow the determined attacker. They won't prevent someone from booting from a floppy, and mounting your root partition. If you are using security in conjunction with a boot loader, you might as well disable booting from a floppy in your computer's BIOS, and password-protect the BIOS.
If anyone has security-related information from a different boot
loader, we would love to hear it. (grub
, silo
, milo
, linload
, etc).
Note: If you have a server machine, and you set up a boot password, your machine will not boot up unattended. Keep in mind that you will need to come in and supply the password in the event of a power failure. ;(