lapatatedouce/scripts-admin-debian
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

change the SSH port

Browse Source
This commit is contained in:
Philippe Favre
2025-03-22 21:54:29 +01:00
parent 0915163d34
commit 67eb731e2a
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
miscellaneous/secure_ssh.sh
View File

@@ -1,5 +1,7 @@
#!/bin/bash
# Warning: Before running this script, make sure you have created a user and an SSH key in the authorized_keys file.
# This script is designed to configure the SSH server on a Linux system according to Mozilla's security best practices.
# It enhances the security of SSH connections by enforcing modern encryption standards, disabling insecure protocols, and restricting root access.
# The script backs up the original SSH configuration file, applies a new set of secure settings, and then restarts the SSH service to apply the changes.
@@ -34,6 +36,15 @@ else
allow_users="# AllowUsers configuration not set"
fi
# Ask user if they want to change the SSH port
read -p "Do you want to change the SSH port? (yes/no): " change_port
if [[ "$change_port" == "yes" ]]; then
read -p "Enter the new SSH port: " new_port
port_setting="Port $new_port"
else
port_setting="# Port configuration not changed"
fi
# Modify the sshd_config file
cat <<EOL > "$SSHD_CONFIG"
# Mozilla SSH Security Recommendations
@@ -68,6 +79,9 @@ ClientAliveCountMax 2
# IP restriction based on user input
$allow_users
# SSH port based on user input
$port_setting
EOL
# Restart the SSH service