Anthony/openclaw-backups
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
openclaw-backups/archive/inactive-skills/openclaw-remote/guides/LESSONS_LEARNED.md

147 lines
4.0 KiB
Markdown
Raw Permalink Blame History

# OpenClaw Hardening: Lessons Learned
**Date:** 2026-02-08
**Source:** Real-world hardening session with OpenClaw 2026.2.6-3
## What We Learned The Hard Way
### ❌ Config Fields That DON'T Work
These fields cause `Config validation failed` errors:
```json
{
"logging": {
"redactSensitive": "all", // ❌ Invalid input
"enabled": true // ❌ Unrecognized key
},
"agents": {
"defaults": {
"tools": { // ❌ Unrecognized key
"deny": ["exec", "browser", "cron", "process", "gateway"]
},
"sandbox": { // ❌ Unrecognized key (in defaults)
"mode": "all",
"scope": "agent"
}
}
}
}
```
**Why?** OpenClaw's config schema doesn't support these fields. The original hardening guide was based on assumptions, not tested reality.
### ✅ What Actually Works
1. **File Permissions** (tested, works):
```bash
chmod 700 ~/.openclaw
chmod 600 ~/.openclaw/openclaw.json
chmod 700 ~/.openclaw/credentials
```
2. **Built-in Security Tools** (use these instead):
```bash
openclaw doctor --fix # Validates and fixes config
openclaw security audit --deep # Comprehensive security scan
openclaw health # Gateway and connection health
openclaw models status # Auth and model status
```
3. **Network Security** (check with):
```bash
netstat -an | grep 18789 | grep LISTEN
# Secure: 127.0.0.1 or ::1
# Exposed: 0.0.0.0
```
4. **Git Tracking** (rollback capability):
```bash
cd ~/.openclaw && git init
git add openclaw.json && git commit -m "config: baseline"
```
## Security Audit Results
After hardening a real installation:
```
Summary: 0 critical · 2 warn · 1 info
```
**Typical warnings (non-critical):**
- `gateway.trusted_proxies_missing` - OK if localhost-only
- `channels.discord.dm.scope_main_multiuser` - Optional session isolation
- `fs.credentials_dir.perms_readable` - Fixed with `chmod 700`
## The Reality: OpenClaw is Secure by Default
OpenClaw already provides:
- ✅ Localhost-only binding (`gateway.bind: "loopback"`)
- ✅ Token-based authentication required
- ✅ Secrets encrypted at rest
- ✅ OAuth flows with PKCE
- ✅ Session isolation
- ✅ CSRF protections
- ✅ Rate limiting
**Your job:** Verify these are working, lock down file permissions, maintain good operational security practices.
## Workflow That Works
```bash
# 1. Check network exposure
netstat -an | grep 18789 | grep LISTEN
# 2. Lock file permissions
chmod 700 ~/.openclaw
chmod 600 ~/.openclaw/openclaw.json
chmod 700 ~/.openclaw/credentials
# 3. Run security audit
openclaw security audit --deep
# 4. Fix any issues
openclaw doctor --fix
# 5. Git-track for rollback
cd ~/.openclaw && git init
git add openclaw.json && git commit -m "security: baseline config"
# 6. Verify health
openclaw health
openclaw models status
```
## Don't Waste Time On
- ❌ Manual config edits for tool restrictions (schema doesn't support)
- ❌ Manual logging config (not supported)
- ❌ Sandbox mode in defaults (not supported)
- ❌ Complex security configs (already built-in)
## Focus On
- ✅ File permissions (700/600)
- ✅ Network binding verification
- ✅ Regular security audits (`openclaw security audit --deep`)
- ✅ API key rotation (90-day cycle)
- ✅ Git-tracking config changes
- ✅ Operational security (dedicated accounts, separate machines)
## Command Reference
| Task | Command | Expected Result |
|------|---------|----------------|
| Check network | `netstat -an \| grep 18789` | 127.0.0.1 (not 0.0.0.0) |
| Validate config | `openclaw doctor --fix` | "Doctor complete." |
| Security scan | `openclaw security audit --deep` | 0 critical |
| Check health | `openclaw health` | "Discord: ok" |
| Auth status | `openclaw models status` | Lists auth providers |
## Key Insight
**Stop adding manual security configs. Start verifying built-in security.**
OpenClaw is secure by design. The hardening process is about verification and operational security, not configuration hacking.
Reference in New Issue View Git Blame Copy Permalink