Ventoy Password Plugin
With this plugin, we can set a password for Ventoy or for some image file when boot it.
It should be noted that, this is a very very simple password feature and should only be used for simple protection or misoperation prevention.
Attention: grub's support for numeric keypad is not perfect. So don't use the numeric keypad when you input password.
- Json Configuration
Recommend to use VentoyPlugson, a GUI ventoy.json configurator. Refer VentoyPlugson
A password object is defined to describe the configuration in /ventoy/ventoy.json
{
"password": {
"bootpwd": "txt#123456",
"isopwd": "txt#111",
"wimpwd": "txt#222",
"imgpwd": "txt#333",
"vhdpwd": "txt#444",
"efipwd": "txt#555",
"vtoypwd": "txt#666",
"menupwd": [
{
"parent":"/MyVhdDir/WindowsVHD",
"pwd":"md5#def#14fa11b4ab450b0204182266140e284d"
},
{
"file":"/ISO/MX-19.1_x64.iso",
"pwd":"md5#e10adc3949ba59abbe56e057f20f883e"
},
{
"file":"/ISO/ubuntu-20.04-desktop-amd64.iso",
"pwd":"md5#abc#0659c7992e268962384eb17fafe88364"
}
]
}
}
| Key | Type | Description |
|---|---|---|
bootpwd |
STRING |
Password when Ventoy is booting. Ventoy will exit after 3 retries. |
isopwd |
STRING |
Default password for all .iso files. Will return to the main menu if input password is wrong. |
wimpwd |
STRING |
Default password for all .wim files. Will return to the main menu if input password is wrong. |
imgpwd |
STRING |
Default password for all .img files. Will return to the main menu if input password is wrong. |
vhdpwd |
STRING |
Default password for all .vhd/.vhdx files. Will return to the main menu if input password is wrong. |
efipwd |
STRING |
Default password for all .efi files. Will return to the main menu if input password is wrong. |
vtoypwd |
STRING |
Default password for all .vtoy files. Will return to the main menu if input password is wrong. |
file |
STRING |
The full path of the image file. This option supports fuzzy matching, please refer About Path Matching |
parent |
STRING |
The full path of the parent directory. All files (.iso/.wim/.img ...) will use the same password. The trailing slash must be removed. |
pwd |
STRING |
Password when booting the image file. Will return to the main menu if input password is wrong. |
- Password Priority
menupwd file > menupwd parent > isopwd/wimpwd/imgpwd...
- Password Format
| Format | Example | Desc |
|---|---|---|
| Plain text | txt#123456 |
Password in simple plain text format. The max length is 32. txt# is a fixed prefix followed by password.Note that there can be no double quotes in the password " because the embedded json parser is very simple.Escape characters are also not supported. |
| Normal MD5 | md5#e10adc3949ba59abbe56e057f20f883e |
A fixed prefix md5# followed by the MD5 hash of the password. In this example, the MD5 is correspond to 123456
|
| Salt MD5 | md5#abc#0659c7992e268962384eb17fafe88364 |
A fixed md5#xxx# prefix followed by a MD5. xxx is the salt with max length 16.
The MD5 is correspond to salt+password. In this example, the password is 123456 and the MD5 is correspond to abc123456.
|
Here is a brief explanation of the last "salt" MD5.
Becasue that same password will generate same MD5. So, suppose you set the same password for different files, if you use a common MD5 value
, so that although others don’t know what the password is, they can tell at a glance that your passwords are the same because they have the same MD5 value.
This is not so good.
So here you can add some random characters (which is so called "salt") before the password and then generate the MD5 value of the "spliced" data.
The length of "salt" is not fixed, generally a few characters are enough.
For example, the following passwords are all 123456, but correspondingly with a/b/c/d as the "salt", so the MD5 values are completely different.
md5#a#dc483e80a7a0bd9ef71d8cf973673924 md5#b#8df32286deed62bae5bf746672805c78 md5#c#ad07fb25aa2d3a9f96ee12f25e0be902 md5#d#adf00707a1c0154a9ad8edb57c8646f4
Note that when inputting password, only the password part is needed, never input the "salt" part.
- MD5
You can use some online tool (e.g. https://www.pelock.com/products/hash-calculator ) to generate MD5.
Besides, you can use the following command to generate MD5 if you have a linux shell enviroment. (-n option is necessary)
echo -n 123456|md5sum
- Multi-Mode
Supported. You can set different configurations for different BIOS mode. Please refer Multi-Mode Option for details.