Information
Oracle SPARC systems support the use of a EEPROM password for the console.
Setting the EEPROM password helps prevent attackers who gain physical access to the
system console from booting from an external device (such as a CD-ROM or floppy).
Solution
Perform the following to implement the recommended state-# eeprom security-mode=command
# eeprom security-#badlogins=0After entering the last command above, the administrator will be prompted for a password.
This password will be required to authorize any future command issued at boot-level on
the system (the ok or > prompt) except for the normal multi-user boot command (i.e., the
system will be able to reboot unattended).Write down the password and store it in a sealed envelope in a secure location (note that
locked desk drawers are typically not secure). If the password is lost or forgotten, simply
log into the system and run the command-# eeprom security-mode=noneThis will erase the forgotten password. If the password is lost or forgotten and this action
cannot be completed, then the EEPROM must be replaced to gain access to the system. To
set a new password, run the command-# eeprom security-mode=command