The GRUB password is mostly useless. GRUB's documentation - https://www.gnu.org/software/grub/manual/grub.html#Security - says:

By default, the boot loader interface is accessible to anyone with physical access to the console: anyone can select and edit any menu entry, and anyone can get direct access to a GRUB shell prompt. For most systems, this is reasonable since anyone with direct physical access has a variety of other ways to gain full access, and requiring authentication at the boot loader level would only serve to make it difficult to recover broken systems.

However, in some environments, such as kiosks, it may be appropriate to lock down the boot loader to require authentication before performing certain operations.

So, just remove this useless password:

comment (with a leading "#") the lines of /etc/grub.d/01_PASSWORD that are not already commented;
execute 'sudo update-grub'


Reply via email to