Password protecting the BIOS and Grub should be done with care. If you do choose to follow this, and it is a very good idea, you need to make sure that there is an off line, secure way to access the password at 2AM. In the Navy, we would write out passwords and place them in an envelope, two of us would then seal and sign on the seam of the envelope, and then the envelope would be placed in a safe with two combinations. The safe could only be opened when both holders of the combinations were present, and both holders of the combinations needed to inventory the safe at the beginning and end of each watch.
OK, that might be taking it a bit far. But the point is that if you password protect the means to recover your server, you need to make sure that the password is both available off line and secure.
LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.