Lynis checks a Linux or macOS system for several possible vulnerabilities by typing just one command.

Table of Contents

Installation

Install lynis package with a package manager like apt.

Usage

To run all tests, type:

lynis audit system

You can run this command as root so it can run tests that require root permissions.

Lynis

Process may take some minutes. Once finished, you can check all the results, open log file inside the working directory or run lynis show details <test ID> to more info about one test results.

$ lynis show details DEB-0880
2022-01-27 10:36:47 Performing test ID DEB-0880 (Checking for fail2ban)
2022-01-27 10:36:47  - fail2ban is not installed.
2022-01-27 10:36:47 Hardening: assigned partial number of hardening points (0 of 2). Currently having 0 points (out of 9)
2022-01-27 10:36:47 Suggestion: Install fail2ban to automatically ban hosts that commit multiple authentication errors. [test:DEB-0880] [details:-] [solution:-]
2022-01-27 10:36:47 ====

Lynis results