VPS OpenClaw Security Hardening

Production-ready security hardening for VPS running OpenClaw AI agents. Includes SSH hardening (custom port), firewall, audit logging, credential management,...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description align with what the included scripts perform (SSH hardening, UFW, auditd, cron jobs, alerting). Required binaries (ssh, ufw, auditd, systemctl, apt-get) are appropriate for the stated purpose. Minor mismatch: SKILL metadata marks fail2ban as optional but install.sh installs fail2ban unconditionally.
Instruction Scope
Installer and helper scripts run as root and modify systemwide configuration (sshd_config, /etc/cron.d, /etc/audit, UFW, systemctl). They read system logs (/var/log/auth.log, /var/log/audit) and audit output (ausearch) and may send snippets via external alert channels (Telegram/Discord/Slack/Webhook/Email). That alerting/reporting may expose audit/log contents to external endpoints if you enable them — the SKILL.md does warn not to run on machines with sensitive data, but the scripts do not sanitize content beyond simple grep/head. Also the SKILL.md and scripts reference config/alerting.env and rules/audit.rules, but those files are not present in the provided file manifest, which would cause the installer to fail or behave unexpectedly.
Install Mechanism
No external download/install spec in registry (the bundle contains scripts). This reduces supply-chain risk, but the installer will make destructive system changes when run as root. No remote archives/URLs are downloaded by the installer itself. Because it's an instruction-driven install, you must review and run the scripts locally in a controlled environment first.
Credentials
The skill declares no required environment variables; it expects you to set SSH_PORT and optionally populate config/alerting.env with alert-channel credentials. It does not request unrelated cloud/provider credentials. Scripts inspect credential files in /root/.openclaw/.env and /root/.env (for verification) — that is consistent with a hardening/monitoring tool, but you should confirm where you store any secrets and protect alert-channel tokens.
Persistence & Privilege
The installer enables system services (auditd, unattended-upgrades, fail2ban), installs cron jobs under /etc/cron.d/agent-security, and writes to /etc (ssh, audit rules). It does not set always:true or modify other skills' configs, but it does create long-lived system changes and scheduled tasks — appropriate for a hardening tool but high-privilege, so run only on a dedicated/test machine.
What to consider before installing
Do not run this on machines that hold sensitive personal or production data — the package explicitly warns that too. Before installing:
(1) Test in a throwaway VM with the same OS (Ubuntu/Debian).
(2) Inspect/correct packaging gaps: the installer expects rules/audit.rules and a config/alerting.env template but those files are not present in the manifest — add or create those files before running.
(3) Keep an administrative console (existing SSH session) open while you change SSH port and verify you can reconnect; understand rollback-ssh.sh behavior.
(4) If you enable alerts, store alert tokens (Telegram/Discord/Slack/Webhook) securely and be aware that audit outputs (ausearch results) may be transmitted verbatim to external endpoints — avoid enabling remote delivery on systems containing sensitive data.
(5) Review the install.sh changes to /etc/ssh/sshd_config (note some oddities in the script's file-write approach) and confirm the package list behavior (fail2ban installation despite 'optional' messaging).
If you are unsure about any of these points, mark this skill for further review or run it only in a well-isolated test environment.
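The exposure described in point (4) can be narrowed by forwarding only allowlisted audit fields instead of raw records. This is an added example, not one of the skill's scripts; the function name, the chosen field list and the sample records are assumptions constructed for illustration, and it expects raw `ausearch` output (no `-i`).

```shell
#!/bin/sh
# Added example, not one of the skill's scripts. The audit key, event IDs and
# the secret in SAMPLE_AUDIT are constructed.

# filter_audit_for_alert [MAX_RECORDS]
# Reads raw audit records on stdin and prints only allowlisted fields, so
# command arguments (a0, a1, ...) and proctitle never leave the host.
filter_audit_for_alert() {
  awk -v max="${1:-20}" '
    BEGIN {
      n = split("type msg key name exe comm auid uid euid success", f, " ")
      for (i = 1; i <= n; i++) keep[f[i]] = 1
    }
    /^type=/ {
      out = ""
      for (i = 1; i <= NF; i++) {
        if (index($i, "\047")) continue   # skip nested quoted msg payloads
        eq = index($i, "=")
        if (eq > 1 && (substr($i, 1, eq - 1) in keep))
          out = out (out == "" ? "" : " ") $i
      }
      print out
      if (++sent >= max) exit             # cap what one alert can carry
    }'
}

# Constructed sample: a credential-file read whose EXECVE record holds a secret.
SAMPLE_AUDIT='----
time->Tue Nov 14 22:13:20 2023
type=EXECVE msg=audit(1700000000.123:456): argc=2 a0="curl" a1="--token=CONSTRUCTED-SECRET"
type=PATH msg=audit(1700000000.123:456): item=0 name="/root/.openclaw/.env" inode=131 mode=0100600 ouid=0
type=SYSCALL msg=audit(1700000000.123:456): arch=c000003e syscall=257 success=yes auid=1000 uid=0 euid=0 comm="curl" exe="/usr/bin/curl" key="cred_access"'

printf '%s\n' "$SAMPLE_AUDIT" | filter_audit_for_alert 5
```

An allowlist is used rather than pattern-based redaction because audit hex-encodes arguments that contain spaces, which secret-matching patterns would miss.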

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.0.6
latest: vk97fe816wgz129dxndv37m4y2h81gy7m

Runtime requirements

🛡️ Clawdis
Bins: ssh, ufw, auditd, systemctl, apt-get

SKILL.md

VPS Security Hardening for OpenClaw

Production-ready security hardening for AI agent deployments on VPS.

⚠️ CRITICAL WARNINGS

DO NOT run OpenClaw on servers/machines with sensitive personal data. Use a dedicated machine (VPS, bare-metal, or on-premise server dedicated to OpenClaw).

Supported OS: Ubuntu 20.04+, Debian 11+. Not for Windows (use WSL2) or macOS.

⚠️ Choose Your SSH Port First

You must choose a custom SSH port (1024-65535) before installing. This makes you conscious of the security decision.

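# Choose your port (example: 4848)
export SSH_PORT=4848

# Install (SSH_PORT is passed explicitly because sudo resets the environment by default)
cd ~/.openclaw/skills/vps-openclaw-security-hardening
sudo SSH_PORT="${SSH_PORT}" ./scripts/install.sh

# Verify
./scripts/verify.sh

# Test SSH (new terminal; keep the current session open and set SSH_PORT there too)
# Root login is listed as disabled under Security Changes, so use a non-root account if root@ is refused
ssh -p "${SSH_PORT}" root@your-vps-ip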

What It Does

| Layer | Protection | Implementation |
| --- | --- | --- |
| Network | Firewall, SSH hardening | UFW, custom port (your choice), key-only |
| System | Auto-updates, monitoring | unattended-upgrades, auditd |
| Secrets | Credential management | Centralized .env, 600 permissions |
| Monitoring | Audit logging, alerting | Kernel-level audit, multi-channel alerts |

Requirements

  • OS: Ubuntu 20.04+ or Debian 11+ (Linux only)
  • NOT supported: Windows (use WSL2), macOS
  • Root access
  • Existing SSH key authentication
  • Alert channel (optional): Telegram, Discord, Slack, Email, or Webhook
  • Custom SSH port of your choice (1024-65535)

Security Changes

SSH

  • Port: 22 → ${SSH_PORT} (your choice, 1024-65535)
  • Auth: Keys only (no passwords)
  • Root login: Disabled
  • Max retries: 3
  • Fail2ban: Brute-force protection
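
One way to confirm that the SSH changes listed above took effect is to compare the effective configuration printed by `sshd -T` with them. This is an added example, not the skill's verify.sh; the function name and the keyword mapping (for instance "Max retries: 3" as `maxauthtries 3`, and keyboard-interactive off as part of "keys only") are assumptions.

```shell
#!/bin/sh
# Added example, not the skill's verify.sh. The mapping of the listed settings
# to sshd keywords ("Max retries: 3" -> maxauthtries 3) is an assumption.

# check_sshd_effective PORT: reads `sshd -T` output on stdin, prints one FAIL
# line per mismatch. Returns 0 if all match, 1 on mismatch, 2 on a bad PORT.
check_sshd_effective() {
  case $1 in ''|*[!0-9]*|??????*) echo "FAIL port: not a valid number"; return 2 ;; esac
  if [ "$1" -lt 1024 ] || [ "$1" -gt 65535 ]; then
    echo "FAIL port: $1 outside 1024-65535"; return 2
  fi
  awk -v port="$1" '
    BEGIN {
      want["port"] = port
      want["passwordauthentication"] = "no"
      want["kbdinteractiveauthentication"] = "no"
      want["pubkeyauthentication"] = "yes"
      want["permitrootlogin"] = "no"
      want["maxauthtries"] = "3"
    }
    {
      k = tolower($1)
      # Older OpenSSH reports the keyboard-interactive switch under this name.
      if (k == "challengeresponseauthentication") k = "kbdinteractiveauthentication"
      if (!(k in want)) next
      seen[k] = 1
      # Every matching line is checked, so a leftover "port 22" is caught.
      if (($2 "") != (want[k] "")) { print "FAIL " k ": got " $2 ", want " want[k]; bad = 1 }
    }
    END {
      for (k in want) if (!(k in seen)) { print "FAIL " k ": not in sshd -T output"; bad = 1 }
      exit (bad ? 1 : 0)
    }'
}

# Constructed sample: hardened values, but port 22 is still configured as well.
SAMPLE_SSHD_T='port 22
port 4848
passwordauthentication no
kbdinteractiveauthentication no
pubkeyauthentication yes
permitrootlogin no
maxauthtries 3'
printf '%s\n' "$SAMPLE_SSHD_T" | check_sshd_effective 4848 || true
# Real use (as root): sshd -T | check_sshd_effective "$SSH_PORT"
```
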

Firewall

  • Default: Deny incoming
  • Allow: Your chosen SSH port only

Services

  • CUPS (printing): Stopped & disabled
  • Fail2ban: Intrusion detection enabled
  • Auto-updates: Security patches automatic

Monitoring

  • Credential file access tracking
  • SSH config change detection
  • Privilege escalation alerts
  • Daily security briefing

Resource Usage

| Component | RAM | Disk |
| --- | --- | --- |
| Auditd | ~2 MB | 40 MB max |
| UFW | ~1 MB | Negligible |
| Scripts | ~5 MB | Negligible |
| Total | <10 MB | <50 MB |

Files

  • scripts/install.sh - Main installation
  • scripts/verify.sh - Verify installation
  • scripts/rollback-ssh.sh - Emergency rollback
  • scripts/critical-alert.sh - Telegram alerts
  • scripts/daily-briefing.sh - Daily reports
  • rules/audit.rules - Audit configuration

Documentation

See README.md for full documentation.

License

MIT - See LICENSE file

Files

12 total