re-factoring into my shell script framework.
shifting away from invoking via curl and using a downloaded zip file or git clone.
This commit is contained in:
13
ProjectCode/Modules/Security/secharden-ssh.sh
Normal file
13
ProjectCode/Modules/Security/secharden-ssh.sh
Normal file
@ -0,0 +1,13 @@
|
||||
#!/bin/bash
|
||||
|
||||
curl --silent ${DL_ROOT}/ConfigFiles/SSH/Configs/tsys-sshd-config > /etc/ssh/sshd_config
|
||||
curl --silent ${DL_ROOT}/ConfigFiles/SSH/Configs/ssh-audit_hardening.conf > /etc/ssh/sshd_config.d/ssh-audit_hardening.conf
|
||||
|
||||
# Perms on sshd_config
|
||||
chmod og-rwx /etc/ssh/sshd_config
|
||||
chmod og-rwx /etc/ssh/sshd_config.d/*
|
||||
|
||||
#todo
|
||||
|
||||
# root login disabled
|
||||
# only strong mAC algos are used
|
||||
Reference in New Issue
Block a user