Lynis is an open source and free to use security tool for systems running Linux, macOS, or Unix-based operating system. Lynis is released under GPL and it comes without warranties or support. Its focus is on system hardening and compliance testing.
Let’s see how to download and install this security tool on your Linux systems.
Download and Installation
To get a copy of Lynis, several options are available. You can choose any option from the below list:
1. Installation via the package manager
You can install Lynis using a Package manager. As most of the operating systems and distributions have ports or packages.
First, you have to add the software repository. So the latest version will be available to your system.
This applies to systems running YUM such as CentOS, Fedora, Red Hat Enterprise Linux (RHEL).
$ yum install lynis
Systems running Debian, Linux Mint, Ubuntu, or are based on one of these can use below command.
$ apt-get install lynis
On openSUSE system, you can install Lynis via the following command.
$ zypper install lynis
2. Installation via Git
The first step is to clone the project. Now, select the parent directory. Git will create a ‘lynis’ subdirectory having the full program in it.
$ cd /usr/local
$ git clone https://github.com/CISOfy/lynis Cloning into 'lynis'... remote: Counting objects: 1733, done. remote: Compressing objects: 100% (8/8), done. remote: Total 1733 (delta 3), reused 0 (delta 0), pack-reused 1725 Receiving objects: 100% (1733/1733), 886.18 KiB | 378.00 KiB/s, done. Resolving deltas: 100% (1204/1204), done. Checking connectivity... done.
$ cd lynis
That’s it. Now run your first security audit by executing the below command.
$ lynis audit system
3. Installation via direct download
Step 1. Create a directory
Lynis can be started from any directory. So choose a directory to store Lynis. For example, we are using /usr/local/lynis directory here.
$ mkdir -p /usr/local/lynis $ cd /usr/local
Step 2. Download
Next, you have to download the latest version of Lynis into the /usr/local directory. In this method, we use the compressed tarball, which includes all the files.
Access the Lynis download page. Copy the link to the Lynis tarball (ends with lynis-<version>.tar.gz).
Use this link together with wget. macOS users can use curl to download this file, where BSD users can use fetch.
$ wget https://cisofy.com/files/lynis-<version>.tar.gz or $ curl https://cisofy.com/files/lynis-<version>.tar.gz -o lynis.tar.gz
Step 3. Unpack the tarball
$ tar xfvz lynis-<version>.tar.gz
4. Installation via Homebrew
For users of macOS, Homebrew can be used as an alternative for manual installation and using Git.
$ brew install lynis
That it! These are the four main methods available to install and download Lynis on your Linux system. You can use any one of them to get Lynis installed on your system. Once done with the installation you can proceed to run Lynis for the first time.