API tools faq
paste
Guest User

Untitled

a guest
Dec 7th, 2017
77
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.93 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/sh
  2.  
  3. echo -n "Enter hostname: "
  4. read SRVHOST
  5. echo -n "Enter username: "
  6. read USERNAME
  7. echo -n "Enter password: "
  8. read -s PASSW1
  9. echo
  10. echo -n "Verify password: "
  11. read -s PASSW2
  12. echo
  13.  
  14. if [ "$PASSW1" != "$PASSW2" ]; then
  15. echo "Passwords do not match."
  16. exit 1
  17. fi
  18.  
  19. if [ "$PASSW1" == "" ]; then
  20. echo "Must specify a password."
  21. exit 1
  22. fi
  23.  
  24. echo "Setting hostname..."
  25. echo $SRVHOST > /etc/hostname
  26. hostname -F /etc/hostname
  27. sed -i -e "1s/^/127.0.0.1\t$SRVHOST\n/" /etc/hosts
  28.  
  29. echo "Adding management account..."
  30. groupadd sshlogin
  31. useradd -U -G users,sudo,sshlogin -s /bin/bash -m $USERNAME
  32. echo "$USERNAME:$PASSW1" | chpasswd
  33. chmod 750 /home/$USERNAME
  34.  
  35. echo "Disabling IPv6..."
  36. echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.d/99-sysctl.conf
  37. echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.d/99-sysctl.conf
  38. echo "net.ipv6.conf.lo.disable_ipv6 = 1" >> /etc/sysctl.d/99-sysctl.conf
  39.  
  40. echo "Disabling su access..."
  41. dpkg-statoverride --update --add root sudo 4750 /bin/su
  42.  
  43. echo "Securing shared memory..."
  44. echo "none /run/shm tmpfs defaults,ro 0 0" >> /etc/fstab
  45.  
  46. echo "Configuring SSH..."
  47. sed -i -e "s/Port 22/Port 3300/g" /etc/ssh/sshd_config
  48. sed -i -e "s/PermitRootLogin yes/PermitRootLogin no/g" /etc/ssh/sshd_config
  49. sed -i -e "s/LoginGraceTime 120/LoginGraceTime 20/g" /etc/ssh/sshd_config
  50. echo "AllowGroups sshlogin" >> /etc/ssh/sshd_config
  51. sed -i -e "s!Subsystem sftp /usr/lib/openssh/sftp-server!Subsystem sftp internal-sftp!g" /etc/ssh/sshd_config
  52. echo "Match User example_user" >> /etc/ssh/sshd_config
  53. echo " ChrootDirectory %h/public_html" >> /etc/ssh/sshd_config
  54. echo " X11Forwarding no" >> /etc/ssh/sshd_config
  55. echo " AllowAgentForwarding no" >> /etc/ssh/sshd_config
  56. echo " AllowTcpForwarding no" >> /etc/ssh/sshd_config
  57. echo " ForceCommand internal-sftp" >> /etc/ssh/sshd_config
  58.  
  59. echo "Installing ufw..."
  60. apt-get install -y ufw
  61. ufw allow 3300
  62. echo "y" | ufw delete 2
  63. echo "y" | ufw enable
  64.  
  65. echo "Restarting..."
  66. shutdown -rf now
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!