From 3cfdbc422c6e93ebcb0ed3992875b2a909f0f8ef Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Sat, 1 Jun 2024 15:04:41 -0700
Subject: [PATCH] SSH client hardening

Signed-off-by: Tommy <contact@tommytran.io>
---
 install.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/install.sh b/install.sh
index 1394e27..122157f 100644
--- a/install.sh
+++ b/install.sh
@@ -373,6 +373,9 @@ unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/m
 ## Remove nullok from system-auth
 sed -i 's/nullok//g' /mnt/etc/pam.d/system-auth
 
+# Harden SSH
+unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/ssh/ssh_config.d/10-custom.conf | sudo tee /mnt/etc/ssh/ssh_config.d/10-custom.conf
+
 ## Disable coredump
 unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/security/limits.d/30-disable-coredump.conf | tee /mnt/etc/security/limits.d/30-disable-coredump.conf