disabling boot devices on poweredge servers?

Adam Nielsen adam.nielsen at uq.edu.au
Wed May 5 19:57:28 CDT 2010


>> Don't forget that anyone with physical access to the machine can do a 
>> BIOS reset to get rid of your password, so don't consider this as 
>> anything other than a deterrent!
> 
> A BIOS reset to defaults requires getting to the F2 Setup screen, does 
> it not?  While I know that the BIOS system password (and presumably the 
> setup password as well) on Dell laptops has a unique master password 
> (based on the service tag, it seems) that can be obtained from Dell 
> support, or one of the "password removing" services on-line, I was not 
> aware of any other trivial way to reset the BIOS or its passwords if the 
> chassis is secured (some PowerEdge models seem to have a jumper that can 
> be used to reset BIOS passwords).

I think most if not all machines have a hardware method to reset the 
BIOS settings (jumper, dipswitch, etc.)  At the very least simply 
popping out the CMOS battery for a few seconds (while the machine is 
off) will do it.

Yes, securing the chassis is the only way around this, but then if your 
chassis is secured properly, nobody is going to be able to boot off a CD 
or USB drive anyway.  Or remove your hot swappable disks and walk off 
with them ;-)

Cheers,
Adam.



More information about the Linux-PowerEdge mailing list