nick/RHELSecureSetup
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases 1 Wiki Activity
RHELSecureSetup is a Bash script designed to streamline the process of securing RHEL-based Linux distributions. By automating system updates and security configurations, it helps ensure that your instance is protected from vulnerabilities.
13 Commits 3 Branches 1 Tag 66 KiB
Shell 100%
master
Go to file
Nick Heppler 2b420c119e Sets the system timezone based on geolocation or user input.
2024-12-28 11:22:28 -05:00
LICENSE Initial commit 2024-10-10 15:37:04 -04:00
README.md Add prerequisite for git. 2024-10-14 17:14:27 -04:00
setup.sh Sets the system timezone based on geolocation or user input. 2024-12-28 11:22:28 -05:00

README.md

RHELSecureSetup: A Bash Script for Securing RHEL-Based Systems

RHELSecureSetup is a Bash script designed to streamline the process of securing RHEL-based Linux distributions. By automating system updates and security configurations, it helps ensure that your instance is protected from vulnerabilities. This script is inspired by documentation from Akamai (formerly Linode) for setting up and securing compute instances.

Features

  • System Updates: Automatically updates the package manager and upgrades installed packages to their latest versions, ensuring you have the latest security patches.
  • Timezone Configuration: Sets the system timezone to your desired location.
  • Hostname Change: Prompts for and changes the hostname of the machine.
  • Hosts File Update: Updates the /etc/hosts file with the machine's IP address and hostname for local resolution.
  • SSH Security Enhancements:
    • Disables root login to prevent unauthorized access.
    • Disables password authentication to encourage the use of SSH keys.
    • Ensures IPv4 address family is explicitly set to prevent potential network issues.
  • Optional Docker Installation: Installs Docker CE using the official installation script if desired.

Prerequisites

  • A RHEL-based Linux distribution (e.g., CentOS, Fedora).

  • Root access or sudo privileges.

  • dnf or yum package manager.

  • curl installed. If not present, you can install it using:

    sudo dnf install curl

  • git installed. If not present, you can install it using:

    sudo dnf install git

Usage

  1. Clone the repository:

    git clone https://git.nickhepler.cloud/nick/RHELSecureSetup.git
cd RHELSecureSetup

  2. Make the script executable:

    chmod +x setup.sh

  3. Run the script with root privileges:

    sudo ./setup.sh

  4. Follow the prompts:

    • Enter the desired hostname and timezone.
    • Provide a username and password for a new limited user account.
    • Optionally, choose whether to install Docker CE at the end of the script.

    Note: Ensure you understand the changes being made by the script before proceeding.

Customization

  • Time Zone: Modify the timezone variable in the script to set your desired timezone. Look for the line that sets the timezone variable and change it accordingly.
  • Hostname: The script prompts for a hostname during execution, but you can also set a default value in the script itself.

License

This project is licensed under the GPL-3.0 License. This means you are free to use, modify, and distribute the code, but you must also share your modifications under the same license.

Roadmap

  • Add configuration for firewall rules using Firewalld.
  • Install and configure rules for Fail2ban.
  • Create a script for Debian-based distributions.

Contributing

Contributions are welcome! If you have suggestions or improvements, please feel free to submit a pull request or open an issue.