You’ve hardened your server — SSH keys, firewall, fail2ban, automatic updates. But how do you know what you missed? Lynis is an open-source security auditing tool that scans your system and tells you exactly where to improve.

What Lynis Does

Lynis performs hundreds of individual tests across your system: kernel settings, authentication, file permissions, network configuration, running services, and more. It produces a hardening index (0–100) and a list of concrete suggestions with references to specific controls.