ninabarzh
commented
1 year ago And with Ubuntu 22.04 chosen, with a Ubuntu Pro subscripton, modifying a server to comply with the CIS benchmark with USG is as simple as CIS benchmark compliance: Introducing the Ubuntu Security Guide. Setting up a server as docker host in a local QEMU/KVM guest first, I may have to throw one (or two, or three) away though.
Outcome is a list of host hardening to-do's for when setting up for (demo) production.
Use the CIS benchmarks.