Overview:
Setting Password for Single User Mode in Linux , adds security to Linux boxes. If some one access your server physically & reboot server and then tries to change root password from single user mode . In that case if password is set on single user mode , one has to first enter root password , then only can reset root password .
Note – In Debian like Operating System require root password when booting into single user mode or recovery mode. But RHEL & CentOS allows access from the console into single user mode without a password.
Setting Password for Single User Mode on Centos 5.X / RHEL 5.X
Edit the file /etc/inittab , add ‘su:S:wait:/sbin/sulogin’ above the line initdefault as shown below :
# # inittab This file describes how the INIT process should set up # the system in a certain run-level. # # Author: Miquel van Smoorenburg, <miquels@drinkel.nl.mugnet.org> # Modified for RHS Linux by Marc Ewing and Donnie Barnes # # Default runlevel. The runlevels used by RHS are: # 0 - halt (Do NOT set initdefault to this) # 1 - Single user mode # 2 - Multiuser, without NFS (The same as 3, if you do not have networking) # 3 - Full multiuser mode # 4 - unused # 5 - X11 # 6 - reboot (Do NOT set initdefault to this) # su:S:wait:/sbin/sulogin id:5:initdefault:
Setting Password for Single User Mode on Centos 6.X / RHEL 6.X
Edit the file /etc/sysconfig/init & replace ‘SINGLE=/sbin/sushell‘ with ‘/sbin/sulogin‘ as shown below :
# What ttys should gettys be started on? ACTIVE_CONSOLES=/dev/tty[1-6] # Set to '/sbin/sulogin' to prompt for password on single-user mode # Set to '/sbin/sushell' otherwise SINGLE=/sbin/sulogin
