Warning: krsort() expects parameter 1 to be array, null given in /home/.fluke/nuno_brito/boot-land.net/forums/sources/d22mods/mvtt.php on line 58

Warning: reset() [function.reset]: Passed variable is not an array or object in /home/.fluke/nuno_brito/boot-land.net/forums/sources/d22mods/mvtt.php on line 59
Password protect - Boot Land
 
> Password protect, Either via Grub or at PE Switcher
powaking
post Sep 4 2007, 03:36 PM
Post #1


Advanced Member
***

Group: Members
Posts: 121
Joined: 11-September 06
From: Fall River, MA
Member No.: 372


United States


Anyone know if its possible to password protect the CD to keep it from being used by unwanted folks?
Go to the top of the page
 
+Quote Post
Digg this topic Add to my del.icio.us 5 Pages V   1 2 3 > »   
Start new topic
Replies (1 - 9)
jaclaz
post Sep 4 2007, 05:10 PM
Post #2


Finder
***

Group: Advanced user
Posts: 1,162
Joined: 14-July 06
Member No.: 2


Italy


Grub4dos should be compatible with the grub password (MD5) syntax.
Reference:
http://www.cs.wcupa.edu/~rkline/Linux/grub.html

Reference:
http://grub4dos.sourceforge.net/wiki/index...24341;#password
QUOTE (translated from Chinese)
<pre> Password [-- md5] PASSWD [FILE] </ pre> set a password. When the menu at the first document, to ban all interactive menu editing functions, including editing menu items ( `e`) / access the command line ( `c`). When the correct password (PASSWD designated), included in the new menu (designated by the FILE). If you do not specify FILE, then these were banned function will be opened. Of course, you can use this command a certain menu items, to enhance the security of the system. Parameters -- Note md5 password (PASSWD) is the use of encryption md5crypt.


jaclaz
Go to the top of the page
 
+Quote Post
Galapo
post Sep 4 2007, 10:58 PM
Post #3


Advanced Member
***

Group: Advanced user
Posts: 191
Joined: 16-July 06
From: Sydney
Member No.: 11


Australia


Depends a little on what you want exactly: i) simply stop unwanted use of your disk; or ii) to stop unwanted use and protect commercial software lisences.

I achieve the second by splitting off "system files" from "program files", ie those files which are necessary for booting, and those files which are additional. Program files get loaded into a vmware image (so that this can be mounted as writable with an undo file) which is then loaded into an UltraISO encrypted password-protected .isz image which is mounted at boot after the sucessful entry of the password. I like the .isz file because it can be compressed vis-a-vis a truecrypt container which is another possibility. Reg files with software lisences can be kept in the image and merged after the image is mounted etc.

Hope this helps. I can add more detail if needed.

Regards,
Galapo.


--------------------
Go to the top of the page
 
+Quote Post
powaking
post Sep 4 2007, 11:40 PM
Post #4


Advanced Member
***

Group: Members
Posts: 121
Joined: 11-September 06
From: Fall River, MA
Member No.: 372


United States


QUOTE (Galapo @ Sep 4 2007, 10:58 PM) *
Depends a little on what you want exactly: i) simply stop unwanted use of your disk; or ii) to stop unwanted use and protect commercial software lisences.

I achieve the second by splitting off "system files" from "program files", ie those files which are necessary for booting, and those files which are additional. Program files get loaded into a vmware image (so that this can be mounted as writable with an undo file) which is then loaded into an UltraISO encrypted password-protected .isz image which is mounted at boot after the sucessful entry of the password. I like the .isz file because it can be compressed vis-a-vis a truecrypt container which is another possibility. Reg files with software lisences can be kept in the image and merged after the image is mounted etc.

Hope this helps. I can add more detail if needed.

Regards,
Galapo.


Um yah, thats a bit too deep for me, just looking to password protect the CD from booting or password protect the environment.
Go to the top of the page
 
+Quote Post
Ove
post Sep 5 2007, 07:59 AM
Post #5


.script developer
***

Group: .script developer
Posts: 162
Joined: 17-July 06
From: Fagaras, Romania
Member No.: 24


Romania


You could use CDShell as a boot loader, and make a script that would require a password.
Even if your CD got cloned by someone, it would still require a password to boot.

CDShell is a free boot loader, that supports complex scripts. I used it to create a boot menu on my unattended XP CD a while back. It also has example scripts, including one that uses a password to protect the CD.

http://www.cdshell.org/


--------------------
Get my scripts here:
ove.boot-land.net
Go to the top of the page
 
+Quote Post
powaking
post Sep 5 2007, 12:27 PM
Post #6


Advanced Member
***

Group: Members
Posts: 121
Joined: 11-September 06
From: Fall River, MA
Member No.: 372


United States


QUOTE (Ove @ Sep 5 2007, 07:59 AM) *
You could use CDShell as a boot loader, and make a script that would require a password.
Even if your CD got cloned by someone, it would still require a password to boot.

CDShell is a free boot loader, that supports complex scripts. I used it to create a boot menu on my unattended XP CD a while back. It also has example scripts, including one that uses a password to protect the CD.

http://www.cdshell.org/


Well wanted to keep using GRUB for my VistaPE package. Does CDShell support VistaPE?
Go to the top of the page
 
+Quote Post
jaclaz
post Sep 5 2007, 02:03 PM
Post #7


Finder
***

Group: Advanced user
Posts: 1,162
Joined: 14-July 06
Member No.: 2


Italy


OK, I simply cannot stand this. frusty.gif

As said, grub4dos has password protection features.
What is debatable is whether they are secure or not, see this:
http://www.cyberciti.biz/tips/howto-recove...r-password.html

Example:
1) copy and paste this to menu.lst:
QUOTE
password mytest (fd0)/test.lst
color black/cyan yellow/cyan
timeout 30

title Unprotected item IO.SYS
find --set-root /io.sys
chainloader /io.sys


2) copy and paste this to test.lst:
QUOTE
color black/cyan yellow/cyan
timeout 30

title NT password protected item
find --set-root /ntldr
chainloader /ntldr


Copy both menu.lst and test.lst to root of the device.

Try booting from it.

Customize as you wish, in the line:
password mytest (fd0)/test.lst
password is the command
mytest is the password value
(fd0)/test.lst is where to find the password protected menu.

If you want a minimum of security about the password, encrypt it with MD5, RTFM ranting2.gif to learn how to do it.

jaclaz
Go to the top of the page
 
+Quote Post
powaking
post Sep 7 2007, 12:43 AM
Post #8


Advanced Member
***

Group: Members
Posts: 121
Joined: 11-September 06
From: Fall River, MA
Member No.: 372


United States


QUOTE (jaclaz @ Sep 5 2007, 02:03 PM) *
OK, I simply cannot stand this. frusty.gif
...
If you want a minimum of security about the password, encrypt it with MD5, RTFM ranting2.gif to learn how to do it.

jaclaz


Not sure why the anger, just asking for some tips on how best to do it. Looking to see if its something that can easily be done via scripting (such as build the password on the fly prior to compiling the iso).

s
Go to the top of the page
 
+Quote Post
jaclaz
post Sep 12 2007, 01:12 PM
Post #9


Finder
***

Group: Advanced user
Posts: 1,162
Joined: 14-July 06
Member No.: 2


Italy


QUOTE (powaking)
Not sure why the anger, just asking for some tips on how best to do it.


Not anger, just momentary irritation smile.gif.

As I saw (and still see wink.gif) it:
1) You asked a rather "narrow" question:
QUOTE
Password protect, Either via Grub or at PE Switcher

2) I replied you that grub4dos, which is NOT Grub, is compatible with Grub password feature.
(the distinction is VERY important, as grub4dos is derived from Grub, but, while having a number of added features, it still lacks some of the original Grub)

At this point, one could have posted something like "Ok, thanks" and would have googled his way to understand, if needed, how the password syntax worked.

Galapo offered his help, hinting a way to limit access to the CD to which you replied something to the effect of "No, too difficult for me".

Ove proposed CDshell as an alternative, maybe slightly outside your question, as you pointed out.

I got (maybe wrongly) the impression of a kind of "lazyness" on your part or however a non compliance to point f5 of Common Sense Advice given in rules:
http://www.boot-land.net/forums/index.php?act=boardrules

It seemed to me like you were a sultan, comfortably laying in his dormeuse, supervising a number of merchants coming from the East and showing their goods, saying "I don't like this", "I do not fancy this other", "This is too colourful", "This other is dull", hence the quick howto, in order to be able to consider the topic closed, and the esortation to RTFM.

jaclaz
Go to the top of the page
 
+Quote Post
powaking
post Sep 12 2007, 03:48 PM
Post #10


Advanced Member
***

Group: Members
Posts: 121
Joined: 11-September 06
From: Fall River, MA
Member No.: 372


United States


QUOTE (jaclaz @ Sep 12 2007, 01:12 PM) *
Not anger, just momentary irritation smile.gif.

As I saw (and still see wink.gif) it:
1) You asked a rather "narrow" question:

2) I replied you that grub4dos, which is NOT Grub, is compatible with Grub password feature.
(the distinction is VERY important, as grub4dos is derived from Grub, but, while having a number of added features, it still lacks some of the original Grub)

At this point, one could have posted something like "Ok, thanks" and would have googled his way to understand, if needed, how the password syntax worked.

Galapo offered his help, hinting a way to limit access to the CD to which you replied something to the effect of "No, too difficult for me".

Ove proposed CDshell as an alternative, maybe slightly outside your question, as you pointed out.

I got (maybe wrongly) the impression of a kind of "lazyness" on your part or however a non compliance to point f5 of Common Sense Advice given in rules:
http://www.boot-land.net/forums/index.php?act=boardrules

It seemed to me like you were a sultan, comfortably laying in his dormeuse, supervising a number of merchants coming from the East and showing their goods, saying "I don't like this", "I do not fancy this other", "This is too colourful", "This other is dull", hence the quick howto, in order to be able to consider the topic closed, and the esortation to RTFM.

jaclaz


Let me see if I can be more straight. I'm not familiar with GRUB at all and am trying to find a simple way to add some type of password protection to my VistaPE CD either from the GRUB menu or before entering the environment. Sorry but I am fairly new at the whole Winbuilder method (I come from a BartPE background where I used SecureScreen plugin to password protect my CD).

I create a RescueCD for co workers to assist with reimaging machines. I have setup a server so that each worker can generate their own RescueCD with the password of their choice. Trying to do such a feat with VistaPE and Grub seems to be a bit complex for me at this time (I'm sure I'll come around) but I was looking for suggestions and tips from anyone out there.

Usually people come to a forum looking for help or assistance. If everyone just says Google it or RTFM then why not just have that on the main page and do away with forums all together.

Sorry but as you were irritated in your last message I am too.

Just looking for guidance. Again, I've never used GRUB before.
Go to the top of the page
 
+Quote Post

5 Pages V   1 2 3 > » 
Reply to this topicStart new topic

Members Who Viewed Topic Today ()

 

RSS Lo-Fi Version Time is now: 24th October 2007 - 12:48 AM

MKPortal ©2003-2006 mkportal.it