----
In 2004, more serious flaws were discovered in MD5, making further use
of the algorithm for security purposes questionable—specifically, a
group of researchers described how to create a pair of files that
share the same MD5 checksum.[4][5] Further advances were made in
breaking MD5 in 2005, 2006, and 2007.[6] In December 2008, a group of
researchers used this technique to fake SSL certificate
validity,[7][8] and US-CERT now says that MD5 "should be considered
cryptographically broken and unsuitable for further use."[9] and most
U.S. government applications now require the SHA-2 family of hash
functions
----
http://en.wikipedia.org/wiki/MD5
The next step is to edit the GRUB configuration, so it sends its
messages to the serial console. One of the most important things is to
set a password, otherwise anyone can connect a serial cable, edit the
GRUB configuration line while the system is booting (via the "e" key),
and get root access. When a password is set, interactive menu editing
will be disabled, unless the correct password is entered. To set the
password, we first need to get the encrypted version of it.
Run grub, and use the "md5crypt" command to encrypt the password:
Copy the encrypted version of the password (we need it for the next
step), and then type quit to exit.
Now, we need to edit the GRUB configuration. Edit the
/boot/grub/menu.lst file (by typing nano /boot/grub/menu.lst), and
find this section:
## password ['--md5'] passwd
# If used in the first section of a menu file, disable all
interactive editing
# control (menu entry editor and command-line) and entries protected by the
# command 'lock'
# e.g. password topsecret
# password --md5 $1$gLhU0/$aW78kHK1QfV3P2b2znUoe/
# password topsecret
Below that, add:
password --md5 $1$AlfMq1$FxRolxW5XvSLAOksiC7MD1
serial --unit=0 --speed=38400 --word=8 --parity=no --stop=1
terminal --timeout=10 serial console
---
I wonder:
1. is there an updated tuturial on getting a serial console working in f17?
2. since that 2007 tutorial used grub, and fedora 17 uses grub2 I
wonder if there´s also a need to specify a hashed password in a grub2
conf file, and if there are options to use a hashing algorithm
different than md5
Fernando Cassia wrote:
> 1. is there an updated tuturial on getting a serial console working in f17?
F17 uses GRUB2. Find any GRUB2 docs for serial terminals online or at
your terminal:
$ info grub2
/Serial[ENTER]
> 2. since that 2007 tutorial used grub, and fedora 17 uses grub2 I
> wonder if there´s also a need to specify a hashed password in a grub2
> conf file, and if there are options to use a hashing algorithm
> different than md5
I believe GRUB2 uses SHA512. You can even pass a salt.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
07-09-2012, 04:23 PM
Fernando Cassia
md5 and setting up a serial console
On Mon, Jul 9, 2012 at 1:17 PM, Michael Cronenworth <mike@cchtml.com> wrote:
> I believe GRUB2 uses SHA512. You can even pass a salt.
Thanks!
My concern was that grub2 were still using md5
FC
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
md5 and setting up a serial console
