Validation script

validate.sh

+#!/bin/bash
+
+fail_empty(){
+if [ -z  "$1" ]
+then
+    echo "Error : $2"
+    exit 1
+else
+    echo "Ok : $1"
+fi
+}
+fail_not_empty(){
+if [ ! -z  "$1" ]
+then
+    echo "Error : $2"
+    exit 1
+else
+    echo "Ok : $1"
+fi
+}
+
+echo "Automated checks"
+Proto=$(grep "^Protocol 2" /etc/ssh/sshd_config)
+fail_empty "$Proto" "SSH Protocol 2 not enforced"
+Passwd=$(grep "^PasswordAuthentication no" /etc/ssh/sshd_config)
+fail_empty "$Passwd" "SSh password allowed"
+systemctl restart ssh
+real_users=$(egrep "10[0-9][0-9]" /etc/passwd)
+fail_not_empty "$real_users" "Please remove real_users"
+read -p "hit enter"
+echo "Manual check : fail2ban"
+systemctl status fail2ban
+fail2ban-client status
+read -p "hit enter"
+echo "Manual check : ufw"
+ufw status verbose
+read -p "hit enter"
+echo "Manual check : clamav"
+systemctl status clamav-daemon clamav-freshclam
+read -p "hit enter"
+echo "Manual check cron root"
+crontab -u root -l
+read -p "hit enter"
+echo "Manual check cron www-data"
+crontab -u www-data -l
+read -p "hit enter"
+echo "Manual check home perms"
+ls -lstrh --color=auto /home
+read -p "hit enter"