https://github.com/dev-sec/ansible-collection-hardening/tree/master/roles/os_hardening
You can steal snippets from this
Since CrowdSec is cuckblocking i2p to high heavens, I want to secure my SSH server before removing it, because I am not fond of all the random af traffic that goes there. So, I found this: https://github.com/skeeto/endlessh.git
Got any other hardening ideas? Aside from the obvious no password auth, no root login, pubkey auth only?
#asknostr
Discussion
Ohhh this looks like an awesome resource! Thank you, will see what I can take from this and use on OpenWrt. ^^