Lynis checks a Linux or macOS system for several possible vulnerabilities by typing just one command.

Table of Contents


Install lynis package with a package manager like apt.


To run all tests, type:

lynis audit system

You can run this command as root so it can run tests that require root permissions.


Process may take some minutes. Once finished, you can check all the results, open log file inside the working directory or run lynis show details <test ID> to more info about one test results.

$ lynis show details DEB-0880
2022-01-27 10:36:47 Performing test ID DEB-0880 (Checking for fail2ban)
2022-01-27 10:36:47  - fail2ban is not installed.
2022-01-27 10:36:47 Hardening: assigned partial number of hardening points (0 of 2). Currently having 0 points (out of 9)
2022-01-27 10:36:47 Suggestion: Install fail2ban to automatically ban hosts that commit multiple authentication errors. [test:DEB-0880] [details:-] [solution:-]
2022-01-27 10:36:47 ====

Lynis results

If you have any suggestion, feel free to contact me via social media or email.