This Bash script runs on DietPi systems to provide security tweaks the default settings do not include. The goal is to introduce good network security to users in a simple manner, with sane defaults and options aimed at lightweight systems.
- An installed instance of DietPi Linux.
- If you decide to harden SSH (the option is given at runtime), you must have SSH keys setup on the server. Check out my script SSH-key-builder if you need help with that (https://github.com/Trimble-tech/SSH-Key-Builder).
- Most may prefer to download to a laptop or desktop, then move it over with a tool like SCP:
- If you are using Dropbear (the default) SSH server, you need to install openssh-client for SCP to work (sudo apt install openssh-client). This includes an SCP binary Dropbear doesn't ship. If you use OpenSSH as the server, SCP is included.
- Copy the script with SCP using: scp Hardening-Dietpi.sh dietpi@your-server-IP-address:/home/dietpi/
- Using chmod can mark the script file executable: chmod +x Hardening-Dietpi.sh
- ./Hardening-Dietpi.sh
Hardening DietPi is licensed by Chris Trimble under the GPL v3 Open Source license (2023). Refer to file "LICENSE" for more information.