Running Lynis on a Linux home server is easy. Knowing what to fix first is the useful part. You run one command, wait a little, and suddenly your server has a hardening score, warnings, suggestions, and a long list of things you probably ignored for too long. That is exactly why Lynis is useful. It is also why you should not treat the report like a checklist that must be fixed blindly in one evening. This post is a practical Lynis hardening checklist for Linux home servers . It is written for small homelabs, old desktops, mini PCs, laptops used as servers, cheap VPS boxes and Docker hosts running useful services at home. The goal is not to get a perfect Lynis score. The goal is to understand what matters, fix the high-value issues first, and avoid breaking a working server in the name of “security”. Lynis is an open-source security auditing and hardening tool for Linux, Unix and macOS systems. It scans the machine and gives suggestions to improve security. A good Linu...
Practical Linux, homelab and computer security notes: home servers, Docker, UFW, Fail2ban, Lynis, honeypots, old hardware and sysadmin experiments.