Bypassing grub in Linux – prob & solution

Did you just install some linux distro in your VM? or your own machine? Were you doing it by watching a tutorial on the web? Did you install grub? Have you password protected the user? Yes? Then you are secure right? The answer to that is NO!

The Problem : Bypassing grub can be done easily.

Ok tell me then, what’s the problem in that? The problem is that unauthorized users can edit the grub boot configuration and boot as root. After that the user can either collect any data in the users account(Passive). Or the unauthorized user can reset the root user password and/or other user passwords(Active). However though, if you don’t have any sensitive data whatsoever in the VM or machine; Or if you don’t want any security for the OS then you are better off leaving it as it is.

In this blog post I will walk you through how to reset the root password by bypassing grub.

Firstly as you bootup the VM, when grub options are displayed press ‘e’. Then you will land in a screen such as this. Now you must go to the kernal line as shown below and add in 'init=bin/bash'.

Once that is done all you need to do is press f10 to boot. You may want to press fn + f10 in some cases. Then you will see a screen like this.


Now you must issue the commands: mount -o remount,rw /
At this point, you are ready to reset the root password. So go ahead and change it. Finally, you need to issue the command touch /.autorelabel.(This is because you have done an unauthorized thing and need to clean the mess or clear the tracks).

Afterwards when you reboot into the machine, you will be able to access the root account with the new password you have used.

The solution : Adding grub authentication.

Grub has a solution to this problem. That is, enabling grub authentication options. I have already tried it in one of my VMs. I will have an in detail blog on this so you can see how to fix this problem. So stay tuned! :).