Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/deadplev-ai/ass_auto-server-secure

(Great name I know). Automatically lock down your linux server with a single command. Customisable options included.
https://github.com/deadplev-ai/ass_auto-server-secure

debian installer installer-script interactive secure security security-tools

Last synced: 11 days ago
JSON representation

(Great name I know). Automatically lock down your linux server with a single command. Customisable options included.

Host: GitHub
URL: https://github.com/deadplev-ai/ass_auto-server-secure
Owner: deadplev-ai
Created: 2024-10-02T12:20:00.000Z (about 1 month ago)
Default Branch: main
Last Pushed: 2024-10-22T14:52:04.000Z (16 days ago)
Last Synced: 2024-10-27T07:03:12.469Z (11 days ago)
Topics: debian, installer, installer-script, interactive, secure, security, security-tools
Language: Shell
Homepage:
Size: 107 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# Server Setup

### Intended OS:
- Debian 11/12
- Ubuntu 22.04+

## Current Features

- Automatic Security Updates
- Custom Non-Root Sudo User
- Root Login Block
- Custom SSH Port
- Strict UFW Config (Auto SSH Allow + Rate Limit)
- [Y/N] Future Password Complexity Requirements
- [Y/N] SSH 2FA
- Auto Package Cleanup
- More to come...

## One Command Setup
```bash
apt update && apt install git -y && git clone https://github.com/deadplev-ai/ASS_Auto-Server-Secure.git && cd ASS_Auto-Server-Secure && chmod +x install.sh && ./install.sh
```

## OPTIONAL: SSH Keypair (LINUX COMMAND ONLY)
```bash
cd ~/.ssh && ssh-keygen -b 4096
```
```bash
read -p "Server IP: " server_IP && read -p "SSH Port: " ssh_port && read -p "Server Username: " server_user && read -p "Pub Key File Location: " key_location && echo "Running: scp -P $ssh_port $key_location $server_user@$server_IP:~/.ssh/authorized_keys" && scp -P $ssh_port $key_location $server_user@$server_IP:~/.ssh/authorized_keys
```

SSH into New User → Keypair Login ONLY (Optional)
```bash
sudo sed -i 's/PasswordAuthentication yes\b/PasswordAuthentication no/gI' /etc/ssh/sshd_config && sudo systemctl restart ssh && echo && echo "***********************" && echo "Security Setup Complete!" && echo "***********************" && echo
```

## Coming Soon

- Y/N Software Packages (Optional)
- Anti SSH Brute Force + Mail Notifications (Fail2Ban)
- Auto Scan Anti Virus (ClamAV + Config)
- Disable Unused Filesystems
- Advanced Intrusion Detection (AIDE/HIDS/Alternative)
- Sysctl Kernel Security Paramaters
- Disable Core Dumps
- SELinux (NSA Developed Kernel Security)
- Post Quantum Cryptography SSH (OpenSSH 9.0+)
- Automatic IP Access Limiting (Optional, used for non VPN servers) ["Would you like to limit SSH access to a certain domain or IP?"]
- DDOS Protection (UFW Rate limiting + NGINX)
- AI Powered Security (EMail Analyser, IPS, IDS, Network, Endpoint etc)
- Dream Machine LAN HTTPS & AI Network analysis + Potential Home Host Server

- Auto Clean-up (Remove install.sh & user_setup.sh)