From ff6e6a57e94cd4f74183a3443b375b1486fe2c42 Mon Sep 17 00:00:00 2001 From: Tommy Date: Thu, 7 Sep 2023 15:27:02 -0700 Subject: [PATCH] Fix ssh hardening --- GCP-Debian-11.sh | 4 ++-- Proxmox-8.sh | 4 ++-- Ubuntu-22.04-Server.sh | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/GCP-Debian-11.sh b/GCP-Debian-11.sh index 5ae84ce..032aae2 100644 --- a/GCP-Debian-11.sh +++ b/GCP-Debian-11.sh @@ -22,8 +22,8 @@ echo 'GSSAPIAuthentication no VerifyHostKeyDNS yes' | sudo tee /etc/ssh/ssh_config.d/10-custom.conf sudo chmod 644 /etc/ssh/ssh_config.d/10-custom.conf sudo sed -i 's/#GSSAPIAuthentication no/GSSAPIAuthentication no/g' /etc/ssh/sshd_config -sudo mkdir -p /etc/systemd/system/sshd.service.d -sudo curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/systemd/system/sshd.service.d/local.conf -o /etc/systemd/system/sshd.service.d/override.conf +sudo mkdir -p /etc/systemd/system/ssh.service.d +sudo curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/systemd/system/sshd.service.d/local.conf -o /etc/systemd/system/ssh.service.d/override.conf sudo systemctl daemon-reload sudo systemctl restart sshd diff --git a/Proxmox-8.sh b/Proxmox-8.sh index 2d219fa..e87f122 100644 --- a/Proxmox-8.sh +++ b/Proxmox-8.sh @@ -13,8 +13,8 @@ VerifyHostKeyDNS yes' | tee /etc/ssh/ssh_config.d/10-custom.conf sudo chmod 644 /etc/ssh/ssh_config.d/10-custom.conf sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config sed -i 's/#GSSAPIAuthentication no/GSSAPIAuthentication no/g' /etc/ssh/sshd_config -mkdir -p /etc/systemd/system/sshd.service.d -curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/systemd/system/sshd.service.d/local.conf -o /etc/systemd/system/sshd.service.d/local.conf +mkdir -p /etc/systemd/system/ssh.service.d +curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/systemd/system/sshd.service.d/local.conf -o /etc/systemd/system/ssh.service.d/override.conf systemctl daemon-reload systemctl restart sshd diff --git a/Ubuntu-22.04-Server.sh b/Ubuntu-22.04-Server.sh index 4dddf40..99b2b03 100644 --- a/Ubuntu-22.04-Server.sh +++ b/Ubuntu-22.04-Server.sh @@ -31,8 +31,8 @@ sudo ufw allow OpenSSH echo 'GSSAPIAuthentication no VerifyHostKeyDNS yes' | sudo tee /etc/ssh/ssh_config.d/10-custom.conf sudo chmod 644 /etc/ssh/ssh_config.d/10-custom.conf -sudo mkdir -p /etc/systemd/system/sshd.service.d -sudo curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/systemd/system/sshd.service.d/local.conf -o /etc/systemd/system/sshd.service.d/override.conf +sudo mkdir -p /etc/systemd/system/ssh.service.d +sudo curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/systemd/system/sshd.service.d/local.conf -o /etc/systemd/system/ssh.service.d/override.conf sudo systemctl daemon-reload sudo systemctl restart sshd