[置顶] RH413企业安全加固 第11章 加强控制台安全 第一节

第11章 加强控制台安全(注意：红字)

 

1、查看rpm包的安全加密

[root@teachers ~]# rpm -vvK wpa_supplicant-0.7.3-4.el6_3.x86_64.rpm 

D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key

D: couldn't find any keys in /var/lib/rpm/pubkeys/*.key

D: loading keyring from rpmdb

D: opening  db environment /var/lib/rpm cdb:mpool:joinenv

D: opening  db index       /var/lib/rpm/Packages rdonly mode=0x0

D: locked   db index       /var/lib/rpm/Packages

D: opening  db index       /var/lib/rpm/Name rdonly mode=0x0

D: Expected size:       374024 = lead(96)+sigs(1284)+pad(4)+data(372640)

D:   Actual size:       374024

wpa_supplicant-0.7.3-4.el6_3.x86_64.rpm:

    Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

    Header SHA1 digest: OK (b52f9919343fe5ca32fd0bd33ea56abe65f26e2f)

    V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

    MD5 digest: OK (4398e24ce42bd0c70e5e3053c6cbf812)

D: closed   db index       /var/lib/rpm/Name

D: closed   db index       /var/lib/rpm/Packages

D: closed   db environment /var/lib/rpm

 

2、grub.conf加密方式

[root@teachers ~]# grub-crypt 

Password: 

Retype password: 

$6$kUQ43DB0z0OurmIN$pVqimoXHB5CiUFCmTA3hM/uP7s42uGFUwnLAi/QgL9e5pf.ZEphqK9XJBZuptypT3LWHWwL.qT.KuNd1YxS

以上这种方式是SHA512加密方式

 

3、将密码写入grub.conf配置文件

default=0

timeout=5

splashimage=(hd0,0)/grub/splash.xpm.gz

hiddenmenu

password

encrypted $6$kUQ43DB0z0OurmIN$pVqimoXHB5CiUFCmTA3hM/uP7s42uGFUwnLAi/QgL9e5pf.ZEphqK9XJBZuptypT3LWHWwL.qT.KuNd1YxS

title Red Hat Enterprise Linux (2.6.32-358.el6.x86_64)

 

4、重启系统进入grub配置