Hello All,
As part of the Ubuntu 20.04 LTS Security Technical Implementation Guide (STIG), a check for setting the "single-user and maintenance mode" to authenticate with password is required. Totally agree however when I followed the instructions the system now requires a root password every time the workstation is bounced. Please find the commands I used to per their instructions. Not sure why this is happening. Also is their a process to reverse? I tried on one of two machines to manually edit the "/etc/grub.d/40_custom" file and ran "update-grub" I have since bricked the OS on that machine. Please see commands below.
Thanks All,
John
$ grub-mkpasswd-pbkdf2 Enter Password:
Reenter Password:
PBKDF2 hash of your password is grub.pbkdf2.sha512.10000.MFU48934NJD84NF8NSD39993J DHF84NG
Using the hash from the output, modify the "/etc/grub.d/40_custom" file with the following command to add a boot password:
$ sudo sed -i '$i set superusers=\"root\"\npassword_pbkdf2 root <hash>' /etc/grub.d/40_custom
where <hash> is the hash generated by grub-mkpasswd-pbdkf2 command.
Generate an updated "grub.conf" file with the new password by using the following command:
$ sudo update-grub