Hardened Ubuntu 16.04 LTS

by mbeach
99 deployments · 30 still active · last rev. 1 year ago

This StackScript hardens a fresh Ubuntu deployment by automating the steps outlined in the Securing Your Server guide, here: https://www.linode.com/docs/security/securing-your-server

You should pre-generate an SSH key on your local computer. All inputs for this StackScript are required.

This script configures ufw as the firewall and sets default deny with only SSH and ping allowed.

Compatible with: Ubuntu 16.04 LTS

#<UDF name="ssuser" Label="Sudo user username?" example="username" />
#<UDF name="sspassword" Label="Sudo user password?" example="strongPassword" />
#<UDF name="sspubkey" Label="SSH pubkey (installed for root and sudo user)?" example="ssh-rsa ..." />

curl -o out.sh -L https://raw.githubusercontent.com/mb243/linux-deployment-scripts/master/hardened-Ubuntu16.sh

. ./out.sh