From d74f5995d0e73bd606dd57428ea70f33b7aeb0a6 Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Fri, 16 Sep 2022 03:18:21 -0400
Subject: [PATCH] Create RHEL-Server-9.sh

---
 RHEL-Server-9.sh | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 RHEL-Server-9.sh

diff --git a/RHEL-Server-9.sh b/RHEL-Server-9.sh
new file mode 100644
index 0000000..a71d5db
--- /dev/null
+++ b/RHEL-Server-9.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+#Assuming that you are using ANSSI-BP-028
+
+sudo dnf install tuned -y
+sudo tuned-adm profile virtual-guest
+
+echo "X11Forwarding no" >> sudo tee -a /etc/ssh/sshd_config.d/10-custom.conf
+echo "GSSAPIAuthentication no" >> sudo tee -a /etc/ssh/sshd_config.d/10-custom.conf
+echo "GSSAPIAuthentication no" >> sudo tee -a /etc/ssh/ssh_config.d/10-custom.conf
+
+sudo curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf
+sudo curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/etc/sysctl.d/30_security-misc.conf -o /etc/sysctl.d/30_security-misc.conf
+sudo curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/etc/sysctl.d/30_silent-kernel-printk.conf -o /etc/sysctl.d/30_silent-kernel-printk.conf
+sudo curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/chrony.conf -o /etc/chrony.conf
+