24 lines
402 B
YAML
24 lines
402 B
YAML
---
|
|
# SSH hardening
|
|
sshd_port: 22
|
|
sshd_permit_root_login: "no"
|
|
sshd_password_authentication: "no"
|
|
sshd_pubkey_authentication: "yes"
|
|
sshd_x11_forwarding: "no"
|
|
sshd_max_auth_tries: 3
|
|
sshd_client_alive_interval: 300
|
|
sshd_client_alive_count_max: 2
|
|
|
|
# Packages to install
|
|
base_packages:
|
|
- ufw
|
|
- fail2ban
|
|
- curl
|
|
- wget
|
|
- git
|
|
- htop
|
|
- vim
|
|
- unzip
|
|
- ca-certificates
|
|
- gnupg
|
|
- lsb-release
|