grub boot menu is our boot process is particularly important step, so the grub menu if not protected, obviously for our servers is a great threat.
In turn this interface we simply click on the "e", you can enter our grub configuration menu, and can be modified, this is obviously a great threat to the security of our servers, so today we learn together how to how to limit change GRUB boot parameters.
Prior to this experiment we first grub configuration menus and header files for backup, in case the experiment failed and caused damage to the grub file.
Here we set a password to enter the grub boot parameters, and the password hash algorithm.
Then we use the command "vim /etc/grub.d/00_header" into the header file editing mode.
We want to enter the grub boot password and user name to enter parameters into the grub configuration header files at login.
Because we just modify the header file for grub, so we need to re-configure the grub menu.
This time we'll restart the computer, press the "e" ready to enter the grub boot parameters, then you will find that we think need to enter a password. So that our server another layer of security.