Configure a Hardened Gentoo Kernel for a VPS?
I'm getting back into using Gentoo as my preferred distro, but I want to use the Hardened setup to increase security. I've not meddled with the kernel yet, but I wanted to ask first because I might only get one shot at this.
I've saved off my current server .config so I can start there. Does anyone have any suggestions for when I start the actual kernel config?
Does anyone have any suggestions for when I start the actual kernel config?
- Take a snapshot of your Linode before you mess with any kernel things, this'll be your escape hatch if anything is completely broken. Alternatively, you could clone your Linode and mess with kernel configs there.
- If you custom compile, make sure your config includes the options listed here. If you're using your existing kernel config as a starting point, you're probably OK.
Lastly, be sure to check out Gentoo's hardened docs and feel free to reach out to the Linode Community or the
#gentoo-hardened IRC channel if you run into any bumps along the way.