clawdie/clawdie-iso
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
clawdie-iso/docs/SECURITY-BASELINE.md

91 lines
6.1 KiB
Markdown
Raw Normal View History

docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
# Security Baseline — Live USB Boot Checklist
docs: normalize prose dates to DD.mon.YYYY (AGENTS.md rule) Convert US/ISO prose dates to EU format across iso docs (CHANGELOG, plans, handoffs, wiki-linked docs). Left as-is (data, not prose): the sample log lines in FIRSTBOOT.md and the ADMIN-PANEL.md UI mockup (timestamps/snapshot names); ISO is correct for machine output. Markdown format gate clean.
2026-06-24 16:44:37 +02:00
23.jun.2026 | OSA audit → live USB alignment
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
Cross-reference of security checks that should pass on every booted
docs: normalize prose dates to DD.mon.YYYY (AGENTS.md rule) Convert US/ISO prose dates to EU format across iso docs (CHANGELOG, plans, handoffs, wiki-linked docs). Left as-is (data, not prose): the sample log lines in FIRSTBOOT.md and the ADMIN-PANEL.md UI mockup (timestamps/snapshot names); ISO is correct for machine output. Markdown format gate clean.
2026-06-24 16:44:37 +02:00
Clawdie USB. Derived from the OSA security audit on 23.jun.2026.
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
## Boot-time checks
### SSH hardening
docs: harness-neutral cleanup + restore green markdown gate Pi-era residue in current-tense docs/strings (CHANGELOG history left intact): - ONBOARDING-SIMPLIFICATION: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN; 'Pi agent' -> 'agent'. - clawdie-join-hive.sh: user-facing 'Pi agent is live' / 'no Pi agent' -> harness-neutral (default agent is now zot). - clawdie-live-seed.README.txt: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN. - stage-colibri-iso.sh provider.env.sample: the AUTOSPAWN_ARGS example showed '--mode json' (invalid for the zot default); note the default is harness-derived (zot -> rpc, pi -> --mode json). Also restore the markdown format gate: 5 docs from the 0.12.0 work were prettier-dirty, so ./scripts/check-format.sh was already failing on main (the gate was red and unenforced — same pattern as the colibri build break). prettier --write brings them to style; gate is green again. No prose changes in those 5 — formatting only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:08:58 +02:00
| Check | Command | Expected |
| ---------------------- | ---------------------------------------- | --------------------------- |
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
| Password auth disabled | `grep PasswordAuth /etc/ssh/sshd_config` | `PasswordAuthentication no` |
docs: harness-neutral cleanup + restore green markdown gate Pi-era residue in current-tense docs/strings (CHANGELOG history left intact): - ONBOARDING-SIMPLIFICATION: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN; 'Pi agent' -> 'agent'. - clawdie-join-hive.sh: user-facing 'Pi agent is live' / 'no Pi agent' -> harness-neutral (default agent is now zot). - clawdie-live-seed.README.txt: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN. - stage-colibri-iso.sh provider.env.sample: the AUTOSPAWN_ARGS example showed '--mode json' (invalid for the zot default); note the default is harness-derived (zot -> rpc, pi -> --mode json). Also restore the markdown format gate: 5 docs from the 0.12.0 work were prettier-dirty, so ./scripts/check-format.sh was already failing on main (the gate was red and unenforced — same pattern as the colibri build break). prettier --write brings them to style; gate is green again. No prose changes in those 5 — formatting only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:08:58 +02:00
| Root login disabled | `grep PermitRoot /etc/ssh/sshd_config` | `PermitRootLogin no` |
| Key-only auth | `grep PubkeyAuth /etc/ssh/sshd_config` | `PubkeyAuthentication yes` |
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
### Service accounts
docs: harness-neutral cleanup + restore green markdown gate Pi-era residue in current-tense docs/strings (CHANGELOG history left intact): - ONBOARDING-SIMPLIFICATION: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN; 'Pi agent' -> 'agent'. - clawdie-join-hive.sh: user-facing 'Pi agent is live' / 'no Pi agent' -> harness-neutral (default agent is now zot). - clawdie-live-seed.README.txt: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN. - stage-colibri-iso.sh provider.env.sample: the AUTOSPAWN_ARGS example showed '--mode json' (invalid for the zot default); note the default is harness-derived (zot -> rpc, pi -> --mode json). Also restore the markdown format gate: 5 docs from the 0.12.0 work were prettier-dirty, so ./scripts/check-format.sh was already failing on main (the gate was red and unenforced — same pattern as the colibri build break). prettier --write brings them to style; gate is green again. No prose changes in those 5 — formatting only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:08:58 +02:00
| Check | Command | Expected |
| ------------------------- | ------------------------------------------ | -------------------------------------------------------------- |
| colibri user exists | `pw usershow colibri` | uid 3002, shell `/usr/sbin/nologin` or `/bin/sh` with restrict |
| colibri password locked | `pw usershow colibri \| grep '*'` | `*` (asterisk = locked) |
| colibri in clawdie group | `id colibri` | includes `clawdie` group |
| SSH key restricted | `cat /var/db/colibri/.ssh/authorized_keys` | `command="colibri-mcp-ssh",restrict,no-pty,...` |
| Home dir owned by colibri | `ls -la /var/db/colibri/` | `colibri:colibri` on the directory itself |
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
### MCP socket
docs: harness-neutral cleanup + restore green markdown gate Pi-era residue in current-tense docs/strings (CHANGELOG history left intact): - ONBOARDING-SIMPLIFICATION: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN; 'Pi agent' -> 'agent'. - clawdie-join-hive.sh: user-facing 'Pi agent is live' / 'no Pi agent' -> harness-neutral (default agent is now zot). - clawdie-live-seed.README.txt: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN. - stage-colibri-iso.sh provider.env.sample: the AUTOSPAWN_ARGS example showed '--mode json' (invalid for the zot default); note the default is harness-derived (zot -> rpc, pi -> --mode json). Also restore the markdown format gate: 5 docs from the 0.12.0 work were prettier-dirty, so ./scripts/check-format.sh was already failing on main (the gate was red and unenforced — same pattern as the colibri build break). prettier --write brings them to style; gate is green again. No prose changes in those 5 — formatting only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:08:58 +02:00
| Check | Command | Expected |
| --------------------------- | -------------------------------------- | ---------------------------- |
| Socket exists | `ls /var/run/colibri/colibri.sock` | exists |
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
| Restricted to clawdie group | `ls -la /var/run/colibri/colibri.sock` | `srwxrwx--- clawdie:clawdie` |
### Firewall (pf)
docs: harness-neutral cleanup + restore green markdown gate Pi-era residue in current-tense docs/strings (CHANGELOG history left intact): - ONBOARDING-SIMPLIFICATION: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN; 'Pi agent' -> 'agent'. - clawdie-join-hive.sh: user-facing 'Pi agent is live' / 'no Pi agent' -> harness-neutral (default agent is now zot). - clawdie-live-seed.README.txt: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN. - stage-colibri-iso.sh provider.env.sample: the AUTOSPAWN_ARGS example showed '--mode json' (invalid for the zot default); note the default is harness-derived (zot -> rpc, pi -> --mode json). Also restore the markdown format gate: 5 docs from the 0.12.0 work were prettier-dirty, so ./scripts/check-format.sh was already failing on main (the gate was red and unenforced — same pattern as the colibri build break). prettier --write brings them to style; gate is green again. No prose changes in those 5 — formatting only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:08:58 +02:00
| Check | Command | Expected |
| ----------------------------- | ------------------------------- | -------------------------------------- |
| Default deny | `sudo pfctl -sr` | `block drop all` as final rule |
| Only http/https public | `sudo pfctl -sr \| grep vtnet0` | only ports 80, 443 (and optionally 22) |
| SSH Tailscale-only (optional) | `sudo pfctl -sr \| grep ssh` | no vtnet0 ssh rule, only tailscale0 |
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
### Listening ports
docs: harness-neutral cleanup + restore green markdown gate Pi-era residue in current-tense docs/strings (CHANGELOG history left intact): - ONBOARDING-SIMPLIFICATION: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN; 'Pi agent' -> 'agent'. - clawdie-join-hive.sh: user-facing 'Pi agent is live' / 'no Pi agent' -> harness-neutral (default agent is now zot). - clawdie-live-seed.README.txt: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN. - stage-colibri-iso.sh provider.env.sample: the AUTOSPAWN_ARGS example showed '--mode json' (invalid for the zot default); note the default is harness-derived (zot -> rpc, pi -> --mode json). Also restore the markdown format gate: 5 docs from the 0.12.0 work were prettier-dirty, so ./scripts/check-format.sh was already failing on main (the gate was red and unenforced — same pattern as the colibri build break). prettier --write brings them to style; gate is green again. No prose changes in those 5 — formatting only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:08:58 +02:00
| Check | Command | Expected |
| ------------------------ | ------------------------------- | ------------------------------------------------------- |
| No unexpected listeners | `sudo sockstat -l` | nginx (80/443), colibri (socket), sshd |
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
| Dashboard Tailscale-only | `sudo sockstat -l \| grep 9119` | Hermes dashboard — should be on localhost or tailscale0 |
docs: harness-neutral cleanup + restore green markdown gate Pi-era residue in current-tense docs/strings (CHANGELOG history left intact): - ONBOARDING-SIMPLIFICATION: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN; 'Pi agent' -> 'agent'. - clawdie-join-hive.sh: user-facing 'Pi agent is live' / 'no Pi agent' -> harness-neutral (default agent is now zot). - clawdie-live-seed.README.txt: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN. - stage-colibri-iso.sh provider.env.sample: the AUTOSPAWN_ARGS example showed '--mode json' (invalid for the zot default); note the default is harness-derived (zot -> rpc, pi -> --mode json). Also restore the markdown format gate: 5 docs from the 0.12.0 work were prettier-dirty, so ./scripts/check-format.sh was already failing on main (the gate was red and unenforced — same pattern as the colibri build break). prettier --write brings them to style; gate is green again. No prose changes in those 5 — formatting only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:08:58 +02:00
| No 0.0.0.0 bindings | `sudo sockstat -l \| grep '*'` | only nginx 80/443 (public web), nothing else |
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
### MCP access test
docs: harness-neutral cleanup + restore green markdown gate Pi-era residue in current-tense docs/strings (CHANGELOG history left intact): - ONBOARDING-SIMPLIFICATION: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN; 'Pi agent' -> 'agent'. - clawdie-join-hive.sh: user-facing 'Pi agent is live' / 'no Pi agent' -> harness-neutral (default agent is now zot). - clawdie-live-seed.README.txt: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN. - stage-colibri-iso.sh provider.env.sample: the AUTOSPAWN_ARGS example showed '--mode json' (invalid for the zot default); note the default is harness-derived (zot -> rpc, pi -> --mode json). Also restore the markdown format gate: 5 docs from the 0.12.0 work were prettier-dirty, so ./scripts/check-format.sh was already failing on main (the gate was red and unenforced — same pattern as the colibri build break). prettier --write brings them to style; gate is green again. No prose changes in those 5 — formatting only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:08:58 +02:00
| Check | Command | Expected |
| ---------------------------- | --------------------------------------------- | ----------------------------------------- |
| Local MCP works | `colibri-mcp tools` | lists tools |
| SSH MCP from colibri user | `ssh -i mother-mcp colibri@localhost 'tools'` | lists tools (single-word invocation only) |
| colibri_external_mcp_servers | via MCP tool | shows registered external servers |
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
### External MCP servers
docs: harness-neutral cleanup + restore green markdown gate Pi-era residue in current-tense docs/strings (CHANGELOG history left intact): - ONBOARDING-SIMPLIFICATION: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN; 'Pi agent' -> 'agent'. - clawdie-join-hive.sh: user-facing 'Pi agent is live' / 'no Pi agent' -> harness-neutral (default agent is now zot). - clawdie-live-seed.README.txt: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN. - stage-colibri-iso.sh provider.env.sample: the AUTOSPAWN_ARGS example showed '--mode json' (invalid for the zot default); note the default is harness-derived (zot -> rpc, pi -> --mode json). Also restore the markdown format gate: 5 docs from the 0.12.0 work were prettier-dirty, so ./scripts/check-format.sh was already failing on main (the gate was red and unenforced — same pattern as the colibri build break). prettier --write brings them to style; gate is green again. No prose changes in those 5 — formatting only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:08:58 +02:00
| Check | Command | Expected |
| --------------------------- | -------------------------------------------------------- | ----------------------------- |
| Config exists | `cat /usr/local/etc/colibri/external-mcp.json` | valid JSON with servers |
| COLIBRI_MCP_EXTERNAL_CALL | `grep EXTERNAL_CALL /usr/local/etc/colibri/provider.env` | `COLIBRI_MCP_EXTERNAL_CALL=1` |
| geodesic-dome-mcp installed | `ls /usr/local/bin/geodesic-dome-mcp` | exists, executable |
| build-colibri.sh installed | `ls /usr/local/bin/build-colibri.sh` | exists, executable |
feat(mother): add node-register MCP tool for USB hw-probe registration New packaging/mother/node-register-mcp accepts JSON-RPC tools/call, inserts hw_profile into mother_hive.usb_nodes, and returns the row with auto-derived capabilities (derive_capabilities trigger fires). Requires one-time PostgreSQL setup on mother: CREATE ROLE colibri WITH LOGIN; GRANT CONNECT ON DATABASE mother_hive TO colibri; GRANT INSERT, UPDATE ON usb_nodes TO colibri; GRANT USAGE ON SEQUENCE usb_nodes_id_seq TO colibri; Also updates docs to reflect 0.12 daemon behavior: hw-probe is collected by the daemon (not the agent) and passed via CLAWDIE_HW_PROFILE env var. COLIBRI_AUTOSPAWN_ARGS default is binary-dependent (zot->rpc, others->--mode json).
2026-06-24 09:07:48 +02:00
| node-register-mcp installed | `ls /usr/local/bin/node-register-mcp` | exists, executable |
docs: harness-neutral cleanup + restore green markdown gate Pi-era residue in current-tense docs/strings (CHANGELOG history left intact): - ONBOARDING-SIMPLIFICATION: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN; 'Pi agent' -> 'agent'. - clawdie-join-hive.sh: user-facing 'Pi agent is live' / 'no Pi agent' -> harness-neutral (default agent is now zot). - clawdie-live-seed.README.txt: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN. - stage-colibri-iso.sh provider.env.sample: the AUTOSPAWN_ARGS example showed '--mode json' (invalid for the zot default); note the default is harness-derived (zot -> rpc, pi -> --mode json). Also restore the markdown format gate: 5 docs from the 0.12.0 work were prettier-dirty, so ./scripts/check-format.sh was already failing on main (the gate was red and unenforced — same pattern as the colibri build break). prettier --write brings them to style; gate is green again. No prose changes in those 5 — formatting only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:08:58 +02:00
| colibri-mcp-ssh wrapper | `ls /usr/local/bin/colibri-mcp-ssh` | exists, executable |
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
## OSA-specific exceptions (production)
docs: harness-neutral cleanup + restore green markdown gate Pi-era residue in current-tense docs/strings (CHANGELOG history left intact): - ONBOARDING-SIMPLIFICATION: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN; 'Pi agent' -> 'agent'. - clawdie-join-hive.sh: user-facing 'Pi agent is live' / 'no Pi agent' -> harness-neutral (default agent is now zot). - clawdie-live-seed.README.txt: COLIBRI_AUTOSPAWN_PI -> COLIBRI_AUTOSPAWN. - stage-colibri-iso.sh provider.env.sample: the AUTOSPAWN_ARGS example showed '--mode json' (invalid for the zot default); note the default is harness-derived (zot -> rpc, pi -> --mode json). Also restore the markdown format gate: 5 docs from the 0.12.0 work were prettier-dirty, so ./scripts/check-format.sh was already failing on main (the gate was red and unenforced — same pattern as the colibri build break). prettier --write brings them to style; gate is green again. No prose changes in those 5 — formatting only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:08:58 +02:00
| Exception | Reason |
| ------------------------------- | --------------------------------------------------- |
| Password auth enabled on vtnet0 | User preference for OSA access during development |
| SSH port 22 on public interface | OSA is the mother node, needs public SSH for now |
| Port 9119 on 0.0.0.0 | Hermes dashboard, pf-limited to Tailscale on vtnet0 |
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
These exceptions should NOT be present on a booted USB — the USB is a
single-user operator station, not a public server.
docs: normalize prose dates to DD.mon.YYYY (AGENTS.md rule) Convert US/ISO prose dates to EU format across iso docs (CHANGELOG, plans, handoffs, wiki-linked docs). Left as-is (data, not prose): the sample log lines in FIRSTBOOT.md and the ADMIN-PANEL.md UI mockup (timestamps/snapshot names); ISO is correct for machine output. Markdown format gate clean.
2026-06-24 16:44:37 +02:00
## Tests performed on OSA (23.jun.2026)
docs: security baseline — live USB boot checklist Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)
2026-06-23 15:24:37 +02:00
- ✅ SSH MCP from colibri user: `ssh -i mother-mcp colibri@localhost 'tools'` — works
- ✅ Home dir ownership fixed: `chown colibri:colibri /var/db/colibri`
- ✅ MCP socket permissions: `srwxrwx--- clawdie:clawdie`
- ✅ pf firewall: default deny, only http/https/ssh on vtnet0
- ✅ colibri authorized_keys: restrict + no-pty + forced command
- ✅ COLIBRI_MCP_EXTERNAL_CALL=1 in provider.env
- ✅ external-mcp.json: mother-build + geodesic-dome registered
- ⚠️ Port 9119 (Hermes dashboard) bound to 0.0.0.0 — pf limits to Tailscale
Reference in a new issue Copy permalink