What steps can I include in a first boot script to enhance SSH security on my DietPi installation?
I want to make sure my SSH server is as secure as possible from the start, so ex. I don’t need to change port etc. every time
I was wondering if anyone of you had already made that script to hardening settings to SSH in the Automation_Custom_PreScript.sh file?
Please note: I’m using OpenSSH, not Dropbear.
Thanks for the update, i could see if i use openssh i would need to add this this file right: /etc/ssh/sshd_config.d/dietpi.conf
I guess that is some of the settings you are refereeing too?
Would a script like this work:
Define the settings
Append the settings to the dietpi.conf file
echo “$settings” | sudo tee -a /etc/ssh/sshd_config.d/dietpi.conf > /dev/null
edit, I already set the id_ed25519 key(s) with dietpi.txt