linuxonazure

apache apache-python apache-secure autofs btrfs cdn-django couchdb create delete dhcp dns-bind dns-unbound dotnetcore elasticsearch elasticsearch-secure elasticsearch-secure-nodes hypervcreate iscsi lvm-ext4 lvm-ext4-snapshot lvm-striping lvm-xfs mariadb mongodb mongodb-secure multi nfs nfs4 ntp openldap postfix public-private pxe python-uwsgi-nginx quota quota-xfs raid-crypto-lvm readme redeploy redis samba samba-azure secure-sshd simple simple-managed-disks squid vsftpd

secure-sshd/sshd-service-setup.sh

raw link view readme
1 useradd alloweduser01 -G wheel
2 echo "mypassword" | passwd alloweduser01 --stdin
3
4 yum install firewalld -y
5 systemctl start firewalld
6 systemctl enable firewalld
7 sed "s/\"22\"/\"2222\"/;s/>SSHSSH Alt.*/d" /usr/lib/firewalld/services/ssh.xml > /etc/firewalld/services/ssh-alt.xml
8 firewall-cmd --permanent --zone=public --add-interface=eth0
9 firewall-cmd --permanent --add-service=ssh-alt
10 firewall-cmd --reload
11
12 yum install setroubleshoot -y
13 semanage port -a -t ssh_port_t -p tcp 2222
14
15 sed -i.original "s/#Port 22/Port 2222/" /etc/ssh/sshd_config
16 sed -i "s/PasswordAuthentication.*/PasswordAuthentication yes/" /etc/ssh/sshd_config
17
18 cat >> /etc/ssh/sshd_config << EOF
19 AllowUsers alloweduser01
20 EOF
21
22 cat >> /etc/hosts.allow << EOF
23 sshd: 10.18.
24 EOF
25
26 cat >> /etc/hosts.deny << EOF
27 sshd: ALL
28 EOF
29
30 systemctl restart sshd
31
apache apache-python apache-secure autofs btrfs cdn-django couchdb create delete dhcp dns-bind dns-unbound dotnetcore elasticsearch elasticsearch-secure elasticsearch-secure-nodes hypervcreate iscsi lvm-ext4 lvm-ext4-snapshot lvm-striping lvm-xfs mariadb mongodb mongodb-secure multi nfs nfs4 ntp openldap postfix public-private pxe python-uwsgi-nginx quota quota-xfs raid-crypto-lvm readme redeploy redis samba samba-azure secure-sshd simple simple-managed-disks squid vsftpd