Set Password Protection for Recovery Mode Shell in Ubuntu (GRUB Root Access Security)

Adding a password to the recovery mode shell in Ubuntu involves setting a password for the root user in the recovery mode GRUB menu. Here's how you can do it:

Generate a Password Hash:

grub-mkpasswd-pbkdf2

You'll be prompted to enter your password, and then the command will output the hash.

Edit the GRUB Configuration:

sudo nano /etc/grub.d/40_custom
**Add a GRUB Menu Entry:** Add the following lines at the end of the file:
set superusers="root"
password_pbkdf2 root GRUB_PASSWORD_HASH
Replace `GRUB_PASSWORD_HASH` with the password hash generated in step 1.

Update GRUB: After making changes to the GRUB configuration, update GRUB to apply the changes:

sudo update-grub

Reboot Your System: Reboot your system to apply the changes:

sudo reboot

After performing these steps, when you boot into recovery mode and try to access the root shell, GRUB will prompt you to enter a username and password. Enter root as the username and the password you set earlier. This adds an extra layer of security to your recovery mode shell.

REMOVE PROCESS:

To remove the username and password protection from the GRUB bootloader, you need to revert the changes you made in the GRUB configuration. Here's how you can do it:

sudo nano /etc/grub.d/40_custom
**Remove the Password Lines:** Delete the lines you added to set the superuser and password. These lines typically look like:
set superusers="root"
password_pbkdf2 root GRUB_PASSWORD_HASH
Remove both the `set superusers` line and the `password_pbkdf2` line.

Update GRUB: After making changes to the GRUB configuration, update GRUB to apply the changes:

sudo update-grub

Reboot Your System: Reboot your system to apply the changes:

sudo reboot

After performing these steps, the GRUB bootloader should no longer prompt you for a username and password during boot. The system will boot directly to the default boot entry without any authentication required.