- A unified monitoring and hardening security manager for Linux servers.
- Light footprint, developer-friendly, open-source.
- Built-in system monitoring — continuous security oversight with intelligent alerting
- 5-minute hardening for bare VPS — one command, safe defaults, idempotent, and reversible
Syntra Agent helps VPS and Linux server owners monitor and secure their systems out-of-the-box:
- Unified management of baseline hardening tools (UFW, Fail2Ban, SSH configs, sysctl, etc.)
- Centralized visibility of security events & alerts
- Export metrics and security data in formats compatible with major DevOps tools (Prometheus, Grafana, Datadog, ELK Stack, Ansible, Terraform)
Think of it as “monitoring and security made simple” for developers, hobbyists, and small businesses.
Instead of reinventing the wheel, Syntra Agent glues together proven Linux tools (UFW, Fail2Ban, unattended-upgrades, sysctl) and adds:
- Baseline hardening profiles
- Status checks and scoring
- Telegram/Email alerts
- Weekly HTML reports
- Local-only Web UI (via SSH tunnel)
- Unified → One place to manage multiple security layers
- Light footprint → Minimal resource usage, no bloat
- Transparent → Open-source by default, visible configs
- Practical → Focus on usability for non-experts
curl -fsSL https://get.syntra.sh/agent | sudo bash# Init, it will generate file: `/etc/syntra/syntra.yml`
syntra init
# Hardening
syntra harden
# Show current security status
syntra status
# Generate weekly report immediately
syntra report
# Start local Web UI (bound to 127.0.0.1:8080, token required)
syntra web --idle-exit 30m
Syntra Agent config template syntra.template.yml
Config file in production -->
/etc/syntra/syntra.yml
ssh -L 8888:127.0.0.1:8080 user@your-vps
# then open in browser:
http://localhost:8888
# enter token printed by `syntra web`
syntra install→ Apply baseline hardening (SSH, UFW, Fail2Ban, sysctl, updates)syntra status→ Show summary (score, open ports, bans, updates)syntra watch[--once] → Run alert checks (SSH failures, ports, updates)syntra report→ Generate & email weekly HTML reportsyntra web→ Start local-only Web UI (requires token, use SSH tunnel to access)
- Web UI listens only on 127.0.0.1. Access via SSH tunnel.
- One-time token required (--ui-token to override, --token-ttl to limit lifetime).
- Idle exit timer (--idle-exit 30m) auto-shuts Web UI after inactivity.
- Config files under /etc/syntra/, state under /var/lib/syntra/.
- Always test in staging before applying on production VPS.
sudo ./scripts/install.sh --uninstallThis removes Syntra Agent binary, systemd units, configs under /etc/syntra/, and optionally purges ufw/fail2ban/unattended-upgrades.
-
🔒 Security Hardening
- SSH configuration hardening (disable root login, password auth, etc.)
- Firewall baseline via UFW (default deny, allow 22/80/443, ssh rate-limit)
- Sysctl kernel network protection
- Unattended security updates
-
📊 Monitoring
- SSH authentication failure surge detection
- New open ports since last check
- Available kernel/OpenSSL updates
- System status summary
-
🚨 Alerting
- Telegram notifications
- Email alerts
- Configurable thresholds (SSH failures, port changes, pending updates)
- Weekly HTML security report (UFW, Fail2Ban, Ports, CVEs, Top IPs/UA)
-
🌐 Web Dashboard
- Runs only on
127.0.0.1:8080(not exposed) - Access via SSH tunnel:
ssh -L 8888:127.0.0.1:8080 user@server - Requires one-time token (printed on startup)
- Single-file
index.htmlUI (inline CSS/JS, no build system)
- Runs only on
-
🐛 Issues: GitHub Issues
-
📧 Email: support@FinchSecurity.io
-
💬 Discord: Join community
-
Docs: docs.syntra.security
Apache 2.0 License · Made with ❤️ for the VPS community