This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.
SSHD hardening for ed25519 key pairs
Idempotent VPS hardening for Ubuntu — SSH, firewall, fail2ban, kernel tuning, auditd, SOPS secrets, and optional AI agent workspace security. Dry-run first, lockout protection built in.
🥷🏻 Various bash stuff i find good to have 🔰
Advanced Privacy-Box: A RaspberryPi USB Ethernet Gadget that safeguards your Privacy while you work on your computer - Route all traffic through a WireGuard VPN or through a Tor Transparent Proxy, block ads and trackers via AdGuard Home, spoof your devices identity and cover your tracks.
Ansible role that hardens SSH server and client configurations based on ssh-audit recommendations. Supports Debian, Ubuntu, Rocky Linux 9, and Amazon Linux 2023. Provides safe defaults, repeatable audits, host key regeneration, brute-force mitigation and client hardening.
Linux 服务器 SSH 密钥登录配置工具:支持 GitHub 公钥导入、本机 Ed25519 密钥生成、禁用密码登录、备份恢复。
14 production-ready security components for Ubuntu hardening (CIS Benchmark 100%). Boot, AIDE, SSH, kernel, rkhunter, auditd (CIS 4.1.x), AppArmor, Vaultwarden, UFW, nftables, fail2ban, Lynis. Modular drop-in configs, Prometheus monitoring-ready. MIT License.
Production-grade AWS EC2 security hardening using PowerShell & AWS CLI. Covers SSH hardening, UFW firewall, Fail2ban brute-force protection, CloudWatch monitoring, and automated stability setup on Ubuntu 22.04.
Friendly, safe, interactive Bash script for Ubuntu Server & Desktop initial setup and post-install hardening — UFW firewall, Fail2ban, SSH hardening, automatic security updates, swap, Docker, dev tools. Beginner-friendly, dry-run, idempotent. Ubuntu 22.04 & 24.04 LTS.
Ansible infrastructure-as-code for Linux server provisioning, hardening, and lifecycle management. 27 production-ready roles covering security, networking, databases, VPN, monitoring, and automated upgrades across Debian, RedHat, OpenBSD, FreeBSD, and macOS.
Hardening SSH on a 32‑bit Alpine Linux system.
🚀 一键部署 VPS 的 Windows 命令行工具 | A Windows CLI tool to bootstrap VPS
Backup-first SSH port migration skill to move off port 22 safely with two-phase rollout, validation, firewall sync, and rollback.
A practical, CIS-aligned Linux hardening toolkit for Debian and Ubuntu systems, focused on visibility, least privilege, firewalling, mandatory access control, auditing, and defending everyday workstations and servers without blind automation.
✨ Simulation complète d'une infrastructure réseau SOHO sécurisée.
Web infrastructure hardening reference: OpenSSH, Mozilla Intermediate TLS for Apache and Nginx, security headers, UFW baselines, and DNS hardening (DNSSEC, CAA, SPF, DKIM, DMARC). Sanitized configurations for Ubuntu and Debian web servers. Part of Web Stack Defense.
In this repo, i simulate enterprise IT environments through hands-on infrastructure engineering, automation, monitoring, and identity management.
Add a description, image, and links to the ssh-hardening topic page so that developers can more easily learn about it.
To associate your repository with the ssh-hardening topic, visit your repo's landing page and select "manage topics."