os-hardening
CommunityLock down Linux to reduce attack surface.
Legal & Compliance#linux#firewall#auditd#server security#os hardening#ssh security#cisa cis benchmarks
Authorprapanch
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill reduces the attack surface of a Linux system by disabling what is unnecessary, tightening permissions, and enforcing safer defaults that mitigate common intrusion paths.
Core Features & Use Cases
- SSH and authentication hardening: disables root login, enforces key-only SSH, and applies safer access policies for users and service accounts.
- Network exposure reduction: removes unnecessary listening services, applies default-deny firewall rules, and restricts internal services to localhost.
- Filesystem and update hardening: locks down sensitive files, restricts execution in risky mount points like /tmp, and ensures security patching with safe reboot practices.
- Audit and monitoring: enables auditing, logs privileged actions, and supports integrity monitoring to detect unexpected changes.
- Use Case: When onboarding a new server before internet exposure or responding to a security scan finding, apply the checklist to bring the system in line with baseline hardening practices.
Quick Start
Use the os-hardening skill to produce a hardened baseline plan for a new Ubuntu/Debian server by applying SSH, firewall, filesystem, patching, and auditing recommendations.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: os-hardening Download link: https://github.com/prapanch/agent-coda/archive/main.zip#os-hardening Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.