diff --git a/debian-gnome/debian-gnome.sh b/debian-gnome/debian-gnome.sh
index d5eb22a..6907ba0 100644
--- a/debian-gnome/debian-gnome.sh
+++ b/debian-gnome/debian-gnome.sh
@@ -22,9 +22,15 @@ unpriv(){
 sudo systemctl mask debug-shell.service
 
 # Setting umask to 077
+# Does not actually work for some reason - need to check
 umask 077
-#This line is broken on the Debian templates for some reason - further debugging needed.
-echo 'umask 077' | sudo tee -a /etc/bash.bashrc
+sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs
+sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs
+sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs
+sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc
+
+# Make home directory private
+sudo chmod 700 /home/*
 
 # Harden SSH
 unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/ssh/ssh_config.d/10-custom.conf | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
diff --git a/fedora-gnome/fedora-gnome.sh b/fedora-gnome/fedora-gnome.sh
index c5e5782..6375859 100644
--- a/fedora-gnome/fedora-gnome.sh
+++ b/fedora-gnome/fedora-gnome.sh
@@ -24,8 +24,10 @@ sudo systemctl mask kdump.service
 
 # Setting umask to 077
 umask 077
+sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs
+sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs
+sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs
 sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc
-echo 'umask 077' | sudo tee -a /etc/bashrc
 
 # Make home directory private
 sudo chmod 700 /home/*
diff --git a/fedora-minimal/fedora-minimal.sh b/fedora-minimal/fedora-minimal.sh
index f541fba..7ffdbaf 100644
--- a/fedora-minimal/fedora-minimal.sh
+++ b/fedora-minimal/fedora-minimal.sh
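Review bot: In debian-gnome.sh the added `sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc` edits a path Debian does not normally ship; the system-wide bash rc there is `/etc/bash.bashrc`, which is the file the removed `tee -a` line wrote to. With the file absent, sed reports an error and changes nothing, so interactive bash shells get no umask from this line and the setting rests entirely on the `/etc/login.defs` edits. Either point it at the Debian path, `sudo sed -i 's/umask 022/umask 077/g' /etc/bash.bashrc`, or drop the line if that file carries no `umask` statement on the template (not visible from here). The same `/etc/bashrc` line is added in the whonix-gw.sh and whonix-ws.sh hunks, which are also Debian-based.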
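Review bot: Dropping `echo 'umask 077' | sudo tee -a /etc/bashrc` in fedora-gnome.sh removes the only statement that set the umask in `/etc/bashrc` unconditionally; the sed that stays rewrites only the literal text `umask 022`. If the installed `/etc/bashrc` picks its umask in a branch (for example a separate `umask 002` case for user-private groups, which depends on the Fedora release and is not visible here), that branch is left as it is and interactive shells can still create group-writable files. Worth confirming with `grep -n umask /etc/bashrc` on the target release and, if such a branch exists, widening the substitution to `s/umask 0[0-9][0-9]/umask 077/g`.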
@@ -24,8 +24,13 @@ systemctl mask kdump.service
 
 # Setting umask to 077
 umask 077
-sed -i 's/umask 022/umask 077/g' /etc/bashrc
-echo 'umask 077' | tee -a /etc/bashrc
+sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs
+sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs
+sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs
+sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc
+
+# Make home directory private
+sudo chmod 700 /home/*
 
 # Disable timesyncd
 systemctl disable --now systemd-timesyncd
diff --git a/whonix/whonix-gw.sh b/whonix/whonix-gw.sh
index ab2f34c..0860d45 100644
--- a/whonix/whonix-gw.sh
+++ b/whonix/whonix-gw.sh
@@ -18,6 +18,17 @@ unpriv(){
 sudo -u nobody "$@"
 }
 
+# Setting umask to 077
+# Does not actually work for some reason - need to check
+umask 077
+sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs
+sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs
+sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs
+sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc
+
+# Make home directory private
+sudo chmod 700 /home/*
+
 # Avoid phased updates
 unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/apt/apt.conf.d/99sane-upgrades | sudo tee /etc/apt/apt.conf.d/99sane-upgrades
 sudo chmod 644 /etc/apt/apt.conf.d/99sane-upgrades
diff --git a/whonix/whonix-ws.sh b/whonix/whonix-ws.sh
index 0e802a4..85944c4 100644
--- a/whonix/whonix-ws.sh
+++ b/whonix/whonix-ws.sh
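Review bot: The added lines in fedora-minimal.sh call `sudo`, while every other command visible in this hunk (`systemctl mask kdump.service` in the header, `systemctl disable --now systemd-timesyncd` below, and the two removed lines) runs without it, so the script appears to be written to run as root. If `sudo` is not installed on the minimal image, which the hunk does not show, all five added commands fail and neither the `login.defs` changes nor `chmod 700 /home/*` are applied. For consistency with the rest of the file the lines can drop the prefix, e.g. `sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs` and `chmod 700 /home/*`.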
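Review bot: The comment `# Does not actually work for some reason - need to check` in whonix-gw.sh goes in as an open question on a hardening step, with nothing in the block to show whether the setting took effect. Two things are visible: the bare `umask 077` only changes the mask of the shell running this script, and `sed -i` exits 0 even when no line matched, so a missing or commented-out `UMASK` entry in `/etc/login.defs` passes silently. pam_umask also consults its own `umask=` module argument before the `UMASK` entry in `login.defs`, so a PAM profile on the template may be overriding the value (not visible here). I would replace the comment with one that states this, e.g. `# umask here affects only this script; logins get it from pam_umask via /etc/login.defs`, and follow the sed lines with `grep -E '^(UMASK|USERGROUPS_ENAB)' /etc/login.defs` so the result is shown at install time. The identical comment is added in the debian-gnome.sh and whonix-ws.sh hunks.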
@@ -18,6 +18,17 @@ unpriv(){
 sudo -u nobody "$@"
 }
 
+# Setting umask to 077
+# Does not actually work for some reason - need to check
+umask 077
+sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs
+sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs
+sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs
+sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc
+
+# Make home directory private
+sudo chmod 700 /home/*
+
 # Avoid phased updates
 unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/apt/apt.conf.d/99sane-upgrades | sudo tee /etc/apt/apt.conf.d/99sane-upgrades
 sudo chmod 644 /etc/apt/apt.conf.d/99sane-upgrades