@CopepodLover AFAIK even SSH is not running (I use it here), but only for remote access on my local network…
The Aeon files have sha256 checksums?
https://download.opensuse.org/tumbleweed/appliances/
1 Like
Oh thank you. My error, I was only looking at the official download page and didn’t check further. Thanks for the link! I’ll have a look at it then. 
Mastering systemd: Securing and sandboxing applications and services
https://documentation.suse.com/en-us/smart/security/html/systemd-securing/index.html
https://docs.rockylinux.org/guides/security/systemd_hardening/
https://www.redhat.com/en/blog/mastering-systemd
https://linux-audit.com/systemd/how-to-harden-a-systemd-service-unit/
Check linux capabilities:
$ zypper install libcap-ng-utils
$ pscap -a
@GrandDixence2 Many systemd services are already hardened for sometime… See https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
Running fwupdmgr security also offers insight.
1 Like