Debian Hardening

Debian Linux Hardening for Improved Security

Steps

1.git clone https://github.com/hardenedlinux/harbian-audit.git && cd harbian-audit
2.cp etc/default.cfg /etc/default/cis-hardening
3.sed -i "s#CIS_ROOT_DIR=.*#CIS_ROOT_DIR='$(pwd)'#" /etc/default/cis-hardening
4.bin/hardening.sh--init
5.bin/hardening.sh --audit-all
6.bin/hardening.sh --set-hardening-level 4
7.bin/hardening.sh --apply

Be sure to change the root password

8.visudo
#Change this line to the following
%sudo ALL=(ALL:ALL) NOPASSWD: ALL
9.echo > /etc/hosts.deny
10.vim /etc/login.defs
#Change this line to the following
PASS_MAX_DAYS 9999
11.vim /etc/ssh/sshd_config
#Change it to the following
PermitRootLogin yes
AllowUsers root
PubkeyAuthentication yes
PasswordAuthentication yes
12.vim .ssh/authorized_keys
#Paste your system key
13.systemctl restart sshd
Discussion
Comment
Updated on
ClickHouse Backup
Install and Configure Vault