This repository contains two scripts designed for server security and VPN configuration.
The secure_server
script performs the following tasks:
- Disables Root Access via SSH: Modifies SSH configuration to prevent root login.
- Changes Root Password: Prompts the user to set a new root password.
- Creates a New User: Generates a new user and prompts for the user's password.
- Installs Lynis: Automatically installs lynis
- Installs Suricata: Automatically installs Suricata
- Installs RkHunter: Automatically installs RkHunter
- Installs Auditd: Automatically installs Auditd
- Make the script executable:
chmod +x secure_server
- Run the script with root privileges:
sudo ./secure_server
The wireguard_setup
script configures WireGuard with a simple client-server setup:
- Generates Configuration Files: Creates basic configuration for both server and client.
- Includes Preshared Key: Automatically generates and includes a preshared key in the configurations.
- Endpoint Placeholder: The user must manually insert the server endpoint into the client configuration.
- Installs WireGuard: Automatically installs WireGuard VPN software
-
Make the script executable:
chmod +x wireguard_setup
-
Run the script with root privileges:
sudo ./wireguard_setup
-
Complete the Setup:
- Open the client configuration file (
wg-client.conf
) and insert the server endpoint (IP/hostname) into the[Peer]
section.
- Open the client configuration file (
secure_server
requires sudo privileges to modify system settings and install packages.wireguard_setup
requires sudo privileges to configure network settings and create configuration files.
This project is licensed under the MIT License - see the LICENSE file for details.
For questions or issues, please open an issue on this repository or contact info@kamesystem.com.