Hardened CentOS 7 / Fedora 24

by mbeach
110 deployments · 71 still active · last rev. 1 month ago

This StackScript hardens a fresh CentOS 7 / Fedora 24 deployment by automating the steps outlined in the Securing Your Server guide, here: https://www.linode.com/docs/security/securing-your-server

You should pre-generate an SSH key on your local computer. All inputs for this StackScript are required.

This script configures FirewallD as the firewall and places eth0 in the public zone. For information on opening additional ports, see:
https://fedoraproject.org/wiki/FirewallD#Working_with_firewalld

Compatible with: CentOS 7
						#!/bin/bash

#<UDF name="ssuser" Label="Sudo user username?" example="username" />
#<UDF name="sspassword" Label="Sudo user password?" example="strongPassword" />
#<UDF name="sspubkey" Label="SSH pubkey (installed for root and sudo user)?" example="ssh-rsa ..." />

curl -o out.sh -L https://raw.githubusercontent.com/mb243/linux-deployment-scripts/master/hardened-CentOS7.sh

. ./out.sh