Centos server prohibits single-user mode (single) to enhance system security

1. Linux forgets the root password and enters the single-user mode to change the password

(1) about lilo

1. When lilo appears: Enter Linux single

Lilo: Linux single

2. Press enter to directly access the Linux Command Line

3. Use the password command to change the password

(2) about grub

1. When the grub screen appears, use the up/down key to select the item that you usually start Linux, and then press the e key.

2. Use the up and down keys again to select the one you usually start Linux (similar to kernel/boot/vmlinuz-2.4.18-14 ro root = LABEL =/), and then press the e key

3. Modify the command line you see now, and add the number 1 or single:

Kernel/boot/vmlinuz-2.4.18-14 single ro root = LABEL =/1

Kernel/boot/vmlinuz-2.4.18-14 single ro root = LABEL =/single

4. Press enter to return, and then press the B key to start, you can directly enter the Linux Command Line

5. enter passwd and press enter to change the password. By default, press enter to directly change the password of the ROOT Super management user. Of course, you need to change the password of other users, after PASSWD, directly follow the user name to change the password.

Or

# Vi/etc/shadow

Delete the contents of the first line, that is, the content before "root" and "Next", in the line starting with "root,

The first line is similar

Root ::......

Save

# Restart reboot. the root password is blank.

(3) start with the first installation disc of redhat. When 'boot: 'appears, enter "Linux rescue" and press enter until a command prompt is displayed, enter "chroot/mnt/sysimage" to obtain the root permission, enter "password root" to change the root password, and then reboot.

Ii. Single User prohibited

If you are not allowed to access a single user, you must first configure the password for GRUB. You only need to modify/boot/grub. conf or/etc/grub. conf (/etc/grub. conf is/boot/grub. conf), for example, vi/boot/grub. conf to edit the configuration file.

Here we will introduce a method to add a password to grub to prohibit others from entering the system in single-user mode. There are two methods:

1. plaintext

Add password = password to the next line of the splashimage parameter. After saving it, restart the computer and log on to the GRUB menu page again. You cannot directly use the e command to edit the startup tag. You must use the p command first, enter the correct password to edit the startup tag. however, the plaintext password is not safe. if you have obtained the plaintext password, you can modify the GRUB startup tag to change the root password.

2. MD5 Encryption

Enter the grub-md5-crypt in the terminal and press enter, then the system will ask to enter the same password twice, then the system will output the MD5 code. You only need to copy the generated MD5 ciphertext and add password -- md5 MD5 ciphertext in the next line of the splashimage parameter, for example, splashimage = (hd0, 0)/grub/splash.xpm.gz

Password -- md5 $1 $ xI6vS $ Wi5pi8JyORUNnj3/0Yq2/0

Hiddenmenu

After saving it, restart the computer and log on to the GRUB menu page again. You cannot directly use the e command to edit the startup tag. You must use the p command first, enter the correct password to edit the startup tag.