This project automates key Linux hardening practices using a modular set of Bash scripts, targeting firewall configuration, SSH security, user account policy, file permission enforcement, and audit logging.
``` linux-hardening-script/ βββ scripts/ β βββ ufw_setup.sh β βββ ssh_hardening.sh β βββ user_security.sh β βββ file_permissions.sh β βββ audit_config.sh βββ screenshots/ βββ hardening_report_template.md βββ README.md ```
| Script | Description |
|---|---|
ufw_setup.sh |
Configures firewall with UFW, allowing/denying ports and IPs |
ssh_hardening.sh |
Disables root login, changes SSH port, enforces protocol 2 |
user_security.sh |
Enforces password policies, disables guest login, audits accounts |
file_permissions.sh |
Fixes sensitive file permissions, applies sticky bits, audits SUID/777 files |
audit_config.sh |
Installs and configures auditd to track key system events |
Run each script with superuser privileges:
sudo bash scripts/ufw_setup.sh
sudo bash scripts/ssh_hardening.sh
sudo bash scripts/user_security.sh
sudo bash scripts/file_permissions.sh
sudo bash scripts/audit_config.sh