diff --git a/README.md b/README.md index 0a91f69..c355ff4 100644 --- a/README.md +++ b/README.md @@ -1,25 +1,29 @@ -# RHELSecureSetup +# RHELSecureSetup: A Bash Script for Securing RHEL-Based Systems -This Bash script is designed for RHEL-based Linux distributions. It automates the process of updating the system, configuring security settings, and optionally installing Docker CE. +RHELSecureSetup is a Bash script designed to streamline the process of securing RHEL-based Linux distributions. By automating system updates and security configurations, it helps ensure that your instance is protected from vulnerabilities. This script is inspired by documentation from Akamai (formerly Linode) for [setting up and securing compute instances](https://techdocs.akamai.com/cloud-computing/docs/set-up-and-secure-a-compute-instance). ## Features -- **System Updates**: Updates the package manager and upgrades installed packages. -- **Timezone Configuration**: Sets the system timezone. -- **Hostname Change**: Changes the hostname of the machine. -- **Hosts File Update**: Updates the `/etc/hosts` file with the machine's IP address and hostname. +- **System Updates**: Automatically updates the package manager and upgrades installed packages to their latest versions, ensuring you have the latest security patches. +- **Timezone Configuration**: Sets the system timezone to your desired location. +- **Hostname Change**: Prompts for and changes the hostname of the machine. +- **Hosts File Update**: Updates the `/etc/hosts` file with the machine's IP address and hostname for local resolution. - **SSH Security Enhancements**: - - Disables root login. - - Disables password authentication. - - Ensures IPv4 address family is explicitly set. -- **Optional Docker Installation**: Installs Docker CE using the official installation script. + - Disables root login to prevent unauthorized access. + - Disables password authentication to encourage the use of SSH keys. + - Ensures IPv4 address family is explicitly set to prevent potential network issues. +- **Optional Docker Installation**: Installs Docker CE using the official installation script if desired. ## Prerequisites - A RHEL-based Linux distribution (e.g., CentOS, Fedora). - Root access or sudo privileges. - `dnf` or `yum` package manager. -- `curl` installed (if not present, install it using your package manager). +- `curl` installed. If not present, you can install it using: + + ```bash + sudo dnf install curl + ``` ## Usage @@ -47,15 +51,23 @@ This Bash script is designed for RHEL-based Linux distributions. It automates th - Provide a username and password for a new limited user account. - Optionally, choose whether to install Docker CE at the end of the script. + **Note**: Ensure you understand the changes being made by the script before proceeding. + ## Customization -- **Time Zone**: Modify the `timezone` variable in the script to set your desired timezone. -- **Hostname**: The script prompts for a hostname during execution, but you can also set a default value in the script. +- **Time Zone**: Modify the `timezone` variable in the script to set your desired timezone. Look for the line that sets the timezone variable and change it accordingly. +- **Hostname**: The script prompts for a hostname during execution, but you can also set a default value in the script itself. ## License -This project is licensed under the GPL-3.0 License. See the [LICENSE](LICENSE) file for more details. +This project is licensed under the [GPL-3.0 License](LICENSE). This means you are free to use, modify, and distribute the code, but you must also share your modifications under the same license. -## Acknowledgments +## Roadmap -- Inspired by documentation from Akamai (formerly Linode) for [setting up and securing compute instances](https://techdocs.akamai.com/cloud-computing/docs/set-up-and-secure-a-compute-instance). \ No newline at end of file +- Add configuration for firewall rules using Firewalld. +- Install and configure rules for Fail2ban. +- Create a script for Debian-based distributions. + +## Contributing + +Contributions are welcome! If you have suggestions or improvements, please feel free to submit a pull request or open an issue. \ No newline at end of file