easy-admin
blocklist
easy-admin | blocklist | |
---|---|---|
5 | 1 | |
32 | 14 | |
- | - | |
8.3 | 4.5 | |
27 days ago | 3 months ago | |
Shell | C | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
easy-admin
-
SSHGuard
while it is not the best, you can try my working sane default for sshd_config and sshd_config.
Each settings in the config files have annotations and details and some have additional links detailing why.
Even has a bash script to let you create these config files (defaults to a subdirectory, not into /etc/ssh)
https://github.com/egberts/easy-admin/tree/b74765baa450593be...
-
Start Self Hosting
CISecurity and other government hardening docs were applied as well and then some I took even further like Chrony had its file permissions/ownership even further and MitM block feature as well.
These are dangerous scripts where it can write files as root but as a user, you will instead get configuration files written out in appropriate directories under `build` subdirectory.
If these designs work across Redhat/Fedora/CentOS, Debian/Devuan, and ArchLinux well, I may forge even further.
https://github.com/egberts/easy-admin
-
How Does NTP (Network Time Protocol) Work?
There is MitM NTP going on so a bit of hardening is needed.
Not commonly discussed but I wrote a script to do Chrony added configuration to mitigate this.
https://github.com/egberts/easy-admin/blob/main/480-ntp-chro...
- Simple SSH Security
blocklist
-
SSHGuard
Possibly the best tool in this space is blacklistd / blocklistd, which just exposes some reporting APIs and hooks them directly in sshd, rather than trying to parse failed logins out of logs. That said, meh.
https://github.com/zoulasc/blocklist
What are some alternatives?
docker-ntp - 🕒 Chrony NTP Server running in a Docker container (without the priviledged flag)
Fail2Ban - Daemon to ban hosts that cause multiple authentication errors
ssh-audit - SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
HRScan2 - A self-hosted drag-and-drop, nosql yet fully-featured file-scanning server.
MarkdownSite - Create a website from a git repository in one click
ios - 📱 Nextcloud iOS App
HRConvert2 - A self-hosted, drag-and-drop & nosql file conversion server & share tool that supports 86 file formats in 13 languages.
hn-search - Hacker News Search
photos-app - ➡️ Moved to https://github.com/ente-io/ente
Mailcow - mailcow: dockerized - 🐮 + 🐋 = 💕
Radarr - Movie organizer/manager for usenet and torrent users.