Lynis is a security-auditing tool, used for UNIX, Linux, and macOS systems. This tool is an open-source tool designed for various purposes such as configuration errors detection, security auditing, compliance testing, penetration testing, weak user account passwords, and vulnerability detection. Lynis is useful for system administrators and auditors to measure the security checks on the Linux systems.
This article will provide a complete guide about how to install the lynis on Ubuntu 20.04 system and its derivatives using the command line.
Installation of lynis on Ubuntu 20.04
The following installation steps will help you to install the Lynis tool on Ubuntu 20.04:
Step 1: Update apt packages repository
First, make sure that the system package repository is up to date and all packages are upgraded to the latest version. Therefore, use the following command to perform this task:
$ sudo apt update
$ sudo apt upgrade
After performing the above actions, your system is ready to install the Lynis tool.
Step 2: Add lynis repository
The lynis tool is not available in the default Ubuntu 20.04 system base repository. However, you can add the lynis repository to your Ubuntu system and install the lynis from there. Add the lynis repository to Ubuntu 20.04 by executing the following command:
$ echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" | sudo tee /etc/apt/sources.list.d/cisofy-lynis.list
Once the repository is included in your system, download the public signing key by using the following command:
$ wget -O - https://packages.cisofy.com/keys/cisofy-software-public.key | sudo apt-key add -
Step 3: Installing Lynis on Ubuntu 20.04
Refresh the system repository for the above changes that take effect on your system. After that start the lynis installation on Ubuntu 20.04.
$ sudo apt update
$ sudo apt install Lynis
Step 4: Check lynis version
Once the lynis installation is completed, verify the lynis installation by displaying the installed version as follows:
$ lynis show version
The following output should receive on the terminal:
Step 5: Auditing Linux system using lynis
Lynis performs the security checks on the various key areas in which boot loader files, configurations files, software packages, logging, and auditing directories. Perform the security audit for your Linux system by running the following command:
$ sudo lynis audit system
When you run the above command for auditing a Linux system using lynis, the auditing results with different keywords such as OK, Found, Suggestion, Warning, etc. show on the screen.
A number of commands are available that you can execute using the lynis. To view these useful commands, run the following command:
$ lynis show commands
The following commands should display on the terminal:
Uninstall or Purge Lynis from Ubuntu 20.04
After finishing the auditing of your Linux system, you can remove this application from the Ubuntu system by using the following command:
$ sudo apt purge --remove lynis
We have installed the lynis auditing tool on Ubuntu 20.04 system. We have seen how you can audit a Linux system using lynis. For more information about the lynis tool, visit the man pages of lynis. Thanks!
Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications including CCNA RS, SCP, and ACE. As an IT engineer and technical author, he writes for various websites.