This repository contains a comprehensive Bash script designed for Arch-based Linux distributions. It helps automate essential system hardening tasks, improve security posture, and simplify configuration โ all from a single interactive menu.
- ๐ Secure Boot Setup using
sbctl - ๐ฅ Firewall Management with optional GUI installer
- ๐ Auditd Logging toggle
- ๐ซ Fail2ban Protection for brute-force attack mitigation
- ๐ก๏ธ Kernel Hardening via
sysctl - ๐งน Orphaned Package Cleanup
- ๐ Security Audit with:
- SSH root login check
- Sudo privilege analysis
- Kernel hardening status
- Auditd, Fail2ban, Firewall, Secure Boot checks
- CPU mitigation flags detection (
nopti,mds=off, etc.) mitigations=offglobal override detectionโ ๏ธ Performance impact warnings for active mitigations
- Arch-based Linux distribution (e.g. Arch, Manjaro, EndeavourOS)
dialogpackage (installed automatically if missing)sbctl,ufw,audit,fail2banโ installed as needed
git clone https://github.com/yourusername/arch-security-toolkit.git
cd arch-security-toolkit
chmod +x arch-security-toolkit.sh
./arch-security-toolkit.sh