A quick system audit with lynis

I wanted to check if my server was safe enough and for that i’ve tried to find the right tool. I wanted a non complicated software an not an online check for safety reasons. I’ve found an opensource software called “lynis” which can make an offline system audit.

Here is how to install it on Debian stable :

# install the public key of the editor
  curl -fsSL https://packages.cisofy.com/keys/cisofy-software-public.key | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/cisofy-software-public.gpg

# add the repository
echo "deb [arch=amd64,arm64 signed-by=/etc/apt/trusted.gpg.d/cisofy-software-public.gpg] https://packages.cisofy.com/community/lynis/deb/ stable main" | sudo tee /etc/apt/sources.list.d/cisofy-lynis.list

# update your debian package list
apt update

# install
apt install lynis

After that i’ve launched the system audit :

lynis audit system

The audit starts and the report log is stored in /var/log/lynis.log

I’ve corrected some elements found in that report and discovered some improvements to make. I hope you could find some too.



146 Words

2024-03-30 17:03 +0100