On Sat, 2010-06-12 at 00:46 +0530, Pallav Jain wrote: >> This password will only be used within the grub menu. You can, of >> course, use the same password in more than one place. But the MD5 >> crypted version of it will be different. > > (1). Does it mean that the grub is secured now, after implementing > this in the grub.conf file. (2). If the grub is secured and the only > bootable is device is only Harddisk, still the encryption of > hard-drives is requried? may be for the enhanced security. It's only secured in that you can't easily *change* options when booting the computer up in the ordinary way. It's easily bypassed by booting the computer, differently. If you want to secure the contents of the drive against theft, snooping, sabotage, or practical jokers, you'll need to encrypt it. > while i added the encrypted password in the grub.conf file, now after > restarting it asks me password one more time than usual, that is, one > password of starting the pc (of bios), second after selecting the > fedora or winxp (respective) and third logging to that OS (fedora or > XP). (3). But i don't know why it is asking the second password in the > blank black screen? is it the effect of grub.conf file, which was > edited? further if i press 'e' at the menu display, i see the encypted > password, so only authorised one (like one who knows the password) can > edit the same. When you turn on the computer, the first thing that goes to work is the BIOS firmeware. It's used to boot up the computer (from a disc drive, of some sort, or over a network). Usually, you can set two types of passwords into that BIOS: A password that'll need to be entered before you can boot anything. And/or a password for being allowed to change settings. Some BIOSs will let you set both types. For most things, I'd say only bother with setting a password to lock out changing BIOS settings. But for something with important confidential data, such as a laptop that could be easily stolen, you're best to take all the steps that you can. Next, the BIOS will start loading the bootblock of the harddrive, and this is where GRUB comes into play. It's options and settings control what happens next. You can set passwords for whether you can change its options. You can set passwords for what can be loaded next. You can set individual passwords for each different thing, or you can simply use the same password for the things that you want restricted. >> I've typed in the same password, and each time it encrypts it, the >> encrypted version will be different. > > (4). yes the encrypted version is different, but is it the last one > that i have to add in the grub.conf file Either will do, because (simply put) they all decrypt back to the same password. > (5). Why it is so that 'chainloader +1' is only in the second titles' > section and in the first title section it is 'root' while in the > second is 'rootnoverify'. Different requirements for booting different systems. Whether GRUB is passing over (chainloader) to a bootblock on another drive, or partition, and that other thing will take over booting. Or whether GRUB is going to start booting an OS, more directly. You really want to look at the manuals for GRUB. The man page is rather dire, but the info file is much more extensive, as is the website. See: info grub or: http://www.google.com.au/search?q=grub -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines