Putorius
Linux Quick Tips

Password Protect Single User Mode in Red Hat or CentOS

Allowing access to single user mode in Linux is a major security risk. Setting it to require the root password before booting into single user mode is a good idea. Here we will explain two methods to password protect single user mode.

How to require password for single user mode in CentOS 5 / RedHat 5

Insert the following line to /etc/inittab file above the line containing initdefault.

su:S:wait:/sbin/sulogin

NOTE: it must be above the link with initdefault in order to work. Example:

# Password requires for single user mode.
su:S:wait:/sbin/sulogin
# Default runlevel. The runlevels used by RHS are:
# 0 - halt (Do NOT set initdefault to this)
# 1 - Single user mode
# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
# 3 - Full multiuser mode
# 4 - unused
# 5 - X11
# 6 - reboot (Do NOT set initdefault to this)

id:3:initdefault:

How to require password for single user mode in CentOS 6 / RedHat 6

Edit the file /etc/sysconfig/init and change the following line:

SINGLE=/sbin/sushell

to

SINGLE=/sbin/sulogin

You can also use sed to change the file like so:

sed -i ‘s/SINGLE=/sbin/sushell/SINGLE=/sbin/sulogin/’ /etc/sysconfig/init
Exit mobile version