Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub ยท Security & Compliance
Vps Openclaw Security Hardening
Production-ready security hardening for VPS running OpenClaw AI agents. Includes SSH hardening (custom port), firewall, audit logging, credential management,...
skill openclawclawhub Free
Production-ready security hardening for VPS running OpenClaw AI agents. Includes SSH hardening (custom port), firewall, audit logging, credential management,...
โฌ 0 downloads โ
0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- CHANGELOG.md, README.md, REMOTE.txt, SKILL.md, VERSION.txt, scripts/audit-log-monitor.sh
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 1.0.6
Provenance
- Publisher
- MarcusGraetsch
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
VPS Security Hardening for OpenClaw
Production-ready security hardening for AI agent deployments on VPS.
โ ๏ธ CRITICAL WARNINGS
DO NOT run OpenClaw on servers/machines with sensitive personal data. Use a dedicated machine (VPS, bare-metal, or on-premise server dedicated to OpenClaw). Supported OS: Ubuntu 20.04+, Debian 11+. Not for Windows (use WSL2) or macOS.
โ ๏ธ Choose Your SSH Port First
You must choose a custom SSH port (1024-65535) before installing. This makes you conscious of the security decision. # Choose your port (example: 4848) export SSH_PORT=4848 # Install cd ~/.openclaw/skills/vps-openclaw-security-hardening sudo ./scripts/install.sh # Verify ./scripts/verify.sh # Test SSH (new terminal) ssh -p ${SSH_PORT} root@your-vps-ip
What It Does
LayerProtectionImplementationNetworkFirewall, SSH hardeningUFW, custom port (your choice), key-onlySystemAuto-updates, monitoringunattended-upgrades, auditdSecretsCredential managementCentralized .env, 600 permissionsMonitoringAudit logging, alertingKernel-level audit, multi-channel alerts
Requirements
OS: Ubuntu 20.04+ or Debian 11+ (Linux only) NOT supported: Windows (use WSL2), macOS Root access Existing SSH key authentication Alert channel (optional): Telegram, Discord, Slack, Email, or Webhook Custom SSH port of your choice (1024-65535)
SSH
Port: 22 โ ${SSH_PORT} (your choice, 1024-65535) Auth: Keys only (no passwords) Root login: Disabled Max retries: 3 Fail2ban: Brute-force protection
Firewall
Default: Deny incoming Allow: Your chosen SSH port only
Services
CUPS (printing): Stopped & disabled Fail2ban: Intrusion detection enabled Auto-updates: Security patches automatic
Monitoring
Credential file access tracking SSH config change detection Privilege escalation alerts Daily security briefing
Resource Usage
ComponentRAMDiskAuditd~2 MB40 MB maxUFW~1 MBNegligibleScripts~5 MBNegligibleTotal<10 MB<50 MB
Files
scripts/install.sh - Main installation scripts/verify.sh - Verify installation scripts/rollback-ssh.sh - Emergency rollback scripts/critical-alert.sh - Telegram alerts scripts/daily-briefing.sh - Daily reports rules/audit.rules - Audit configuration
Documentation
See README.md for full documentation.
License
MIT - See LICENSE file
Category context
Identity, auth, scanning, governance, audit, and operational guardrails.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
3 Docs2 Files1 Scripts
- SKILL.md
- CHANGELOG.md
- README.md
- scripts/audit-log-monitor.sh
- REMOTE.txt
- VERSION.txt