2021-11-24 11:54:36 +01:00
|
|
|
#!/bin/bash
|
|
|
|
|
2021-11-24 12:34:15 +01:00
|
|
|
echo "log"
|
2021-11-24 11:54:36 +01:00
|
|
|
|
|
|
|
|
|
|
|
printf "[sshd]\nenabled = true\nbanaction = iptables-multiport" > /etc/fail2ban/jail.local
|
|
|
|
systemctl enable fail2ban
|
|
|
|
ufw allow OpenSSH
|
|
|
|
ufw enable
|
|
|
|
sed -i -e '/^PermitRootLogin/s/^.*$/PermitRootLogin no/' /etc/ssh/sshd_config
|
|
|
|
sed -i -e '/^PasswordAuthentication/s/^.*$/PasswordAuthentication no/' /etc/ssh/sshd_config
|
|
|
|
sed -i -e '/^X11Forwarding/s/^.*$/X11Forwarding no/' /etc/ssh/sshd_config
|
|
|
|
sed -i -e '/^#MaxAuthTries/s/^.*$/MaxAuthTries 2/' /etc/ssh/sshd_config
|
|
|
|
sed -i -e '/^#AllowTcpForwarding/s/^.*$/AllowTcpForwarding no/' /etc/ssh/sshd_config
|
|
|
|
sed -i -e '/^#AllowAgentForwarding/s/^.*$/AllowAgentForwarding no/' /etc/ssh/sshd_config
|
|
|
|
sed -i -e '/^#AuthorizedKeysFile/s/^.*$/AuthorizedKeysFile .ssh\/authorized_keys/' /etc/ssh/sshd_config
|
|
|
|
sed -i '$a AllowUsers holu' /etc/ssh/sshd_config
|
|
|
|
reboot
|
|
|
|
|