AgentSkillsCN

harden

VPS 安全审计与加固

SKILL.md
--- frontmatter
name: harden
description: VPS security auditing and hardening
emoji: "🔒"
commands:
  - /harden

VPS Hardening

Security auditing and automated hardening for remote servers.

Commands

/harden audit <host>

Run security audit against a server. Checks:

  • System updates
  • Auto-updates configuration
  • SSH root login status
  • Password authentication
  • Firewall status
  • Fail2ban status
  • System uptime
  • Listening services
  • Sudo user configuration

/harden fix <host>

Apply safe fixes that won't lock you out:

  • Install system updates
  • Enable unattended-upgrades
  • Configure UFW firewall
  • Install and enable fail2ban
  • Set SSH MaxAuthTries

/harden emergency <host>

Quick 10-minute hardening for new servers:

  • Full system update
  • Firewall setup
  • Fail2ban installation
  • Root password lock

/harden report <host>

Generate markdown security report.

Options

OptionDescription
--user=NAMESSH user (default: root)
--dry-runPreview changes without applying

Examples

code
/harden audit 192.168.1.100
/harden fix myserver.com --user=admin
/harden emergency vps.example.com --dry-run
/harden report server.io > security-report.md

Security Checks

CheckPass Criteria
System Updates0 pending updates
Auto Updatesunattended-upgrades installed
Root LoginPermitRootLogin no
Password AuthPasswordAuthentication no
FirewallUFW active or iptables configured
Fail2banService running
Uptime< 90 days
Services< 10 listening ports
Sudo UsersAt least one non-root sudo user
MaxAuthTriesSet to 3 or less