Password protecting LILO
lilo.conf

By password protecting LILO, No user would be allowed to boot your Linux OS without supplying a valid password. LILO can be password protect by a slight modification in lilo.conf situated at /etc/lilo.conf. This file is used by LILO for all the configuration and settings. Just add the following lines in your lilo.conf file:

password=password
              The per-image option `password=...' (see below) applies to all images.

restricted
              The per-image option `restricted' (see below) applies to all images.

       password=password
              Protect the image by a password.

       restricted
              A password is only required to boot the image if
              parameters are specified  on  the  command  line
              (e.g. single).

Note: Make sure that you do not forget your password otherwise you would not be able to boot your machine. If you are password protecting your server, then your machine won't be able to start again in case of power failiure until you come in and supply the password.

Additional Security Tricks
Make sure to chmod /etc/lilo.conf to "600" (readable and writing for root only) in order to prevent others to read your passwords.

Now, you have password protected LILO but it won't prevent someone from booting from a floppy and mounting your root partition. You can prevent this by disabling boot from floppy in your computer's BIOS. After you are done make sure to password protect the BIOS to prevent others from changing the settings.





This article comes from osforge.com
http://www.osforge.com

The URL for this story is:
http://www.osforge.com/viewtutorial52.html