chris/scarif
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add more secure ssh configuration and an example env file

Browse Source
This commit is contained in:
Chris
2021-10-08 18:59:21 +01:00
parent 97a9d2bcc6
commit f0d662a6a1
3 changed files with 143 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
bootstrap.sh
View File

@@ -27,10 +27,14 @@ mkdir /home/chris/.ssh
echo $SSH_KEY >> /home/chris/.ssh/authorized_keys
# Disable root login
sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin no/" /etc/ssh/sshd_config
# Logout after 5 minutes of inactivity
sed -i "s/#LoginGraceTime 2m/LoginGraceTime 5m/" /etc/ssh/sshd_config
# Logout after 1 minute of inactivity
sed -i "s/#LoginGraceTime 2m/LoginGraceTime 1m/" /etc/ssh/sshd_config
# Add banner art
sed -i "s/#Banner none/Banner \/opt\/scarif\/ssh-banner-art/" >> /etc/ssh/sshd_config
# Limit number of sessions
sed -i "s/#MaxSessions/MaxSessions 4/" >> /etc/ssh/sshd_config
# Limit users
sed -i "s/#AllowUsers/AllowUsers chris git/" >> /etc/ssh/sshd_config
# Modify login messages
echo "Clearance codes accepted! proceed:" > /etc/motd
# Enforce a delay after a failed login attempt to prevent brute force attacks