Skip to content

Instantly share code, notes, and snippets.

@thiagoeh

thiagoeh/SSH-basic-hardening.md

Last active April 20, 2018 19:41
Show Gist options
  • Save thiagoeh/9f2241c5a36a349b75796b3692964d39 to your computer and use it in GitHub Desktop.
Save thiagoeh/9f2241c5a36a349b75796b3692964d39 to your computer and use it in GitHub Desktop.
Download ZIP
Basic hardening of SSH for a (Debian based) Linux instance
Raw
SSH-basic-hardening.md

Automation script draft

ADMIN_USER=thiago

usermod -a $ADMIN_USER -G sudo

Locking the rootaccount for password authentication

This should be the last step, after being sure that you can login with your admin account AND sucessfully switch to root using sudo -s

sudo passwd -l root

After this, the only way to become root will be through sudo (except for some privilege escalation vulnerability, but it's another entire subject to deal with).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment