Monday, September 16, 2013

Set Password for Single User Mode on Linux (CentOS / RHEL)

http://www.nextstep4it.com/categories/how-to/single-user-mode

Overview :

Setting Password for Single User Mode in Linux , adds security to Linux boxes. If some one access your server physically & reboot server and then  tries to change root password from single user mode . In that case if password is set on single user mode , one has to first enter root password , then only can reset root password .

Note - In Debian like Operating System require root password when booting into single user mode or recovery mode. But RHEL &  CentOS allows access from the console into single user mode without a password.

Setting Password for Single User Mode on Centos 5.X / RHEL 5.X )

Edit the file /etc/inittab , add “su:S:wait:/sbin/sulogin” above the line initdefault  as shown below :

#
# inittab       This file describes how the INIT process should set up
#               the system in a certain run-level.
#
# Author:       Miquel van Smoorenburg,
#               Modified for RHS Linux by Marc Ewing and Donnie Barnes
#
# Default runlevel. The runlevels used by RHS are:
#   0 - halt (Do NOT set initdefault to this)
#   1 - Single user mode
#   2 - Multiuser, without NFS (The same as 3, if you do not have networking)
#   3 - Full multiuser mode
#   4 - unused
#   5 - X11
#   6 - reboot (Do NOT set initdefault to this)
#
su:S:wait:/sbin/sulogin
id:5:initdefault:


Setting Password for Single User Mode on Centos 6.X / RHEL 6.X )

Edit the file /etc/sysconfig/init & replace 'SINGLE=/sbin/sushell'  with '/sbin/sulogin' as shown below :

# What ttys should gettys be started on?
ACTIVE_CONSOLES=/dev/tty[1-6]
# Set to '/sbin/sulogin' to prompt for password on single-user mode
# Set to '/sbin/sushell' otherwise

SINGLE=/sbin/sulogin

No comments:

Post a Comment