KNEL/FetchApply
2
0
Fork 0
Code Pull Requests Actions Packages Releases 1 Activity
Files
15074a99f4bb1ca39a27133155c53d4aac0d0c9f
FetchApply/ProjectCode/Modules/Security/secharden-ssh.sh
ReachableCEO 15074a99f4 .
2025-07-02 08:07:45 -05:00

45 lines
1.1 KiB
Bash
Raw Blame History

#!/bin/bash
export FRAMEWORK_INCLUDES_FULL_PATH
FRAMEWORK_INCLUDES_FULL_PATH="$(realpath ../Framework-Includes)"
export FRAMEWORK_CONFIGS_FULL_PATH
FRAMEWORK_CONFIGS_FULL_PATH="$(realpath ../Framework-ConfigFiles)"
export PROJECT_INCLUDES_FULL_PATH
PROJECT_INCLUDES_FULL_PATH="$(realpath ../Project-Includes)"
export PROJECT_CONGIGS_FULL_PATH
PROJECT_INCLUDES_FULL_PATH="$(realpath ../Project-ConfigFiles)"
#Framework variables are read from hee
source $FRAMEWORK_CONFIGS_FULL_PATH/FrameworkVars
#Boilerplate and support functions
FrameworkIncludeFiles="$(ls -1 --color=none $FRAMEWORK_INCLUDES_FULL_PATH/*)"
IFS=$'\n\t'
for file in ${FrameworkIncludeFiles[@]}; do
. "$file"
done
unset IFS
ProjectIncludeFiles="$(ls -1 --color=none $PROJECT_INCLUDES_FULL_PATH/*)"
IFS=$'\n\t'
for file in ${ProjectIncludeFiles[@]}; do
. "$file"
done
unset IFS
cat ../../ConfigFiles/SSH/Configs/tsys-sshd-config > /etc/ssh/sshd_config
cat ../../ConfigFiles/SSH/Configs/ssh-audit-hardening.conf > /etc/ssh/sshd_config.d/ssh-audit_hardening.conf
# Perms on sshd_config
chmod og-rwx /etc/ssh/sshd_config
chmod og-rwx /etc/ssh/sshd_config.d/*
#todo
# only strong MAC algos are used
View Git Blame Copy Permalink