第11章 加强控制台安全(注意:红字)
1、查看rpm包的安全加密
[root@teachers ~]# rpm -vvK wpa_supplicant-0.7.3-4.el6_3.x86_64.rpm
D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key
D: couldn't find any keys in /var/lib/rpm/pubkeys/*.key
D: loading keyring from rpmdb
D: opening db environment /var/lib/rpm cdb:mpool:joinenv
D: opening db index /var/lib/rpm/Packages rdonly mode=0x0
D: locked db index /var/lib/rpm/Packages
D: opening db index /var/lib/rpm/Name rdonly mode=0x0
D: Expected size: 374024 = lead(96)+sigs(1284)+pad(4)+data(372640)
D: Actual size: 374024
wpa_supplicant-0.7.3-4.el6_3.x86_64.rpm:
Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Header SHA1 digest: OK (b52f9919343fe5ca32fd0bd33ea56abe65f26e2f)
V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
MD5 digest: OK (4398e24ce42bd0c70e5e3053c6cbf812)
D: closed db index /var/lib/rpm/Name
D: closed db index /var/lib/rpm/Packages
D: closed db environment /var/lib/rpm
2、grub.conf加密方式
[root@teachers ~]# grub-crypt
Password:
Retype password:
$6$kUQ43DB0z0OurmIN$pVqimoXHB5CiUFCmTA3hM/uP7s42uGFUwnLAi/QgL9e5pf.ZEphqK9XJBZuptypT3LWHWwL.qT.KuNd1YxS
以上这种方式是SHA512加密方式
3、将密码写入grub.conf配置文件
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
password
encrypted $6$kUQ43DB0z0OurmIN$pVqimoXHB5CiUFCmTA3hM/uP7s42uGFUwnLAi/QgL9e5pf.ZEphqK9XJBZuptypT3LWHWwL.qT.KuNd1YxS
title Red Hat Enterprise Linux (2.6.32-358.el6.x86_64)
4、重启系统进入grub配置