Password for single-user, maintenance issue.

[kalpana]

Hello All,

As part of the Ubuntu 20.04 LTS Security Technical Implementation Guide (STIG), a check for setting the "single-user and maintenance mode" to authenticate with password is required. Totally agree however when I followed the instructions the system now requires a root password every time the workstation is bounced. Please find the commands I used to per their instructions. Not sure why this is happening. Also is their a process to reverse? I tried on one of two machines to manually edit the "/etc/grub.d/40_custom" file and ran "update-grub" I have since bricked the OS on that machine. Please see commands below.

Thanks All,
John

$ grub-mkpasswd-pbkdf2 Enter Password:
Reenter Password:
PBKDF2 hash of your password is grub.pbkdf2.sha512.10000.MFU48934NJD84NF8NSD39993J DHF84NG

Using the hash from the output, modify the "/etc/grub.d/40_custom" file with the following command to add a boot password:

$ sudo sed -i '$i set superusers=\"root\"\npassword_pbkdf2 root <hash>' /etc/grub.d/40_custom

where <hash> is the hash generated by grub-mkpasswd-pbdkf2 command.

Generate an updated "grub.conf" file with the new password by using the following command:

$ sudo update-grub