secure your CentOS machine
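#!/bin/bash
# Script to add a user to Linux system, give it sudo rights and harden sshd.
#
# Usage: script.sh [username password]
#   With no arguments the username and password are prompted for (the
#   password is read without echo).
#
# Must run as root. Exit status: 0 on success, 1 on any failure
# (user exists, useradd failed, invalid config), 2 when not run as root.
set -eu

readonly SSHD_CONFIG=/etc/ssh/sshd_config
readonly SSH_PORT=17576

die() { printf '%s\n' "$*" >&2; exit 1; }

#######################################
# Print a SHA-512 crypt(3) hash of a password.
# Arguments: $1 - clear-text password
# Outputs:   the hash on stdout
#
# The password reaches perl through the environment, not argv, so it is
# not visible in `ps`; the salt is random. The earlier form,
# crypt($ARGV[0], "password"), used a fixed salt and DES, which truncates
# the password to 8 characters.
#######################################
hash_password() {
  local salt
  salt=$(head -c 32 /dev/urandom | base64 | tr -dc 'A-Za-z0-9./' | head -c 16)
  [[ ${#salt} -eq 16 ]] || die "could not generate a salt"
  PASSWORD="$1" perl -e 'print crypt($ENV{PASSWORD}, "\$6\$" . $ARGV[0] . "\$")' "$salt"
}

#######################################
# Set an sshd_config directive to a value.
# Arguments: $1 - directive name, $2 - value
# Rewrites the first occurrence, commented out or not; appends when absent.
# The stock file ships "#Port 22", so a plain 's/Port 22/…/' leaves the
# directive commented and sshd keeps listening on 22.
#######################################
set_sshd_option() {
  local key=$1 value=$2
  if grep -qE "^#? *$key " "$SSHD_CONFIG"; then
    # 0,/re/ (GNU sed) limits the substitution to the first match.
    sed -i -E "0,/^#? *$key .*/s//$key $value/" "$SSHD_CONFIG"
  else
    printf '%s %s\n' "$key" "$value" >> "$SSHD_CONFIG"
  fi
}

main() {
  if [[ $(id -u) -ne 0 ]]; then
    printf '%s\n' "Only root may add a user to the system" >&2
    exit 2
  fi

  local username password
  # If user & pass not provided in command line arguments, then ask.
  if [[ $# -eq 0 ]]; then
    read -r -p "Enter username : " username
    read -r -s -p "Enter password : " password
    printf '\n'   # read -s swallows the newline typed after the password
  else
    username=${1-}
    password=${2-}
  fi
  [[ -n "$username" && -n "$password" ]] || die "both a username and a password are required"
  # Plain names only: keeps the value safe to splice into sed/sudoers and
  # gives a file name that sudoers.d will not skip (it ignores names with
  # '.' or '~').
  [[ "$username" =~ ^[a-zA-Z_][a-zA-Z0-9_-]*$ ]] || die "invalid username: $username"

  # Exact lookup; egrep "^$username" also matched any longer name with the
  # same prefix.
  if getent passwd "$username" >/dev/null; then
    die "$username exists!"
  fi

  local hashed
  hashed=$(hash_password "$password")
  # A failed useradd must stop here; the sudoers and AllowUsers steps
  # below would otherwise reference a user that does not exist.
  useradd -m -p "$hashed" "$username" || die "Failed to add a user!"
  echo "User has been added to system!"

  # adding user to sudoers list — via a drop-in, validated before it is
  # trusted, so a bad line cannot break sudo for everyone.
  local sudo_file="/etc/sudoers.d/$username"
  printf '%s ALL=(ALL) ALL\n' "$username" > "$sudo_file"
  chmod 0440 "$sudo_file"
  if ! visudo -cf "$sudo_file" >/dev/null; then
    rm -f -- "$sudo_file"
    die "generated sudoers entry is invalid"
  fi

  # Configuring ssh file. Removing root login, allowing only the user to login etc.
  set_sshd_option Port "$SSH_PORT"
  set_sshd_option PermitRootLogin no
  set_sshd_option PasswordAuthentication no
  # NOTE(review): appended at the end; if the file ends in a Match block
  # this lands inside it — confirm on the target file.
  printf 'AllowUsers %s\n' "$username" >> "$SSHD_CONFIG"
  # Refuse to hand out a restart command for a config sshd will reject.
  sshd -t || die "sshd_config failed validation; fix it before restarting sshd"

  # With password logins off, the new user can only get in with a key;
  # warn before the operator restarts sshd and locks themselves out.
  local home
  home=$(getent passwd "$username" | cut -d: -f6)
  if [[ ! -s "$home/.ssh/authorized_keys" ]]; then
    printf 'WARNING: %s has no authorized_keys; install a key before restarting sshd or the account cannot log in.\n' "$username" >&2
  fi

  # The remaining steps are printed, not executed, so the operator can
  # run them once the key is in place (presumably the original intent;
  # the rule order matters: the two ACCEPTs must precede the DROPs).
  echo "service sshd restart"
  # Blocking ssh from other IPs.
  echo "sudo iptables -A INPUT -p tcp -s 180.151.30.100 --dport 17576 -j ACCEPT"
  echo "sudo iptables -A INPUT -p tcp -s 180.151.30.99 --dport 17576 -j ACCEPT"
  echo "sudo iptables -A INPUT -p tcp --dport 22 -j DROP"
  echo "sudo iptables -A INPUT -p tcp --dport 17576 -j DROP"
  echo "sudo iptables-save"
  echo "service sshd restart"
}

main "$@"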