From 06e1350747b75afb877357953d33335570074255 Mon Sep 17 00:00:00 2001 From: BWSTTVDEV Date: Tue, 5 Aug 2025 04:45:03 +0000 Subject: [PATCH] Updated to disabled root --- setup.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/setup.sh b/setup.sh index fa1f8f6..0a97b8a 100644 --- a/setup.sh +++ b/setup.sh @@ -48,4 +48,13 @@ echo "Configuring firewall..." ufw allow OpenSSH ufw --force enable +# === HARDEN SSH: Disable root login via SSH === +echo "Disabling root SSH login..." +sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config +sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config +systemctl restart ssh || service ssh restart + +# === ENSURE beer CAN USE SUDO === +usermod -aG sudo beer + echo "Setup complete! You can now SSH into the container/VM as '$USERNAME'."