1
0
mirror of https://github.com/tommytran732/Linux-Setup-Scripts synced 2024-12-23 07:12:07 -05:00

Add ssh hardening

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2024-05-17 15:34:33 -07:00
parent 2e1b763290
commit 29a3993155
Signed by: Tomster
GPG Key ID: 555C902A34EC968F

View File

@ -53,6 +53,9 @@ sudo /usr/bin/sed -i 's/\s+nullok//g' /etc/pam.d/system-auth
unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/ssh/ssh_config.d/10-custom.conf | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
sudo chmod 644 /etc/ssh/ssh_config.d/10-custom.conf
unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/ssh/sshd_config.d/10-custom.conf | sudo tee /etc/ssh/sshd_config.d/10-custom.conf
unpriv curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/systemd/system/sshd.service.d/local.conf | sudo tee /etc/systemd/system/ssh.service.d/override.conf
sudo systemctl daemon-reload
sudo systemctl restart sshd
# Security kernel settings
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/etc/modprobe.d/30_security-misc.conf | sudo tee /etc/modprobe.d/30_security-misc.conf