The GRUB bootloader enables you to interrupt the existing boot sequence to launch one of ONIE or the Offline Diagnostics and GRUB environment “e” - edit the commands before booting and “c” - command-line options available at boot time. User with console access to the SLX device, at boot time, can interrupt the boot process and launch one of these two options. To enhance security at boot time these options can now be password protected.
Once protected, when a user with console access tries to access either ONIE or Offline Diagnostics and GRUB environment “e” - edit the commands before booting and “c” - command-line option at boot time, a prompt for username and password is displayed. On successful credential verifications, the user is allowed to proceed with launching these options.
The launch of the SLX-OS operating system does not require this credential verification.
A new mode, GRUB Configuration Mode, is added for this purpose. The user must explicitly enable securing GRUB from within this mode. Once enabled, an additional command is enabled for configuring the username and password for securing GRUB.
A reboot of the SLX device is required for this setting to take effect.