docs: security baseline — live USB boot checklist #122

Merged

clawdie merged 1 commit from feature/0.12.0 into main

2026-06-23 15:26:24 +02:00

clawdie commented

2026-06-23 15:26:05 +02:00

Owner

Cross-reference from OSA audit (2026-06-23): SSH hardening,
MCP socket, firewall, listening ports, service accounts,
external MCP servers. Each check has command + expected output.

OSA exceptions documented: password auth kept for dev access.
USB should be stricter — key-only SSH, no 0.0.0.0 bindings.

Skill saved: security-audit-clawdie (freebsd category)

Cross-reference from OSA audit (2026-06-23): SSH hardening, MCP socket, firewall, listening ports, service accounts, external MCP servers. Each check has command + expected output. OSA exceptions documented: password auth kept for dev access. USB should be stricter — key-only SSH, no 0.0.0.0 bindings. Skill saved: security-audit-clawdie (freebsd category)

clawdie added 1 commit 2026-06-23 15:26:08 +02:00

docs: security baseline — live USB boot checklist 180abbab39

Cross-reference from OSA audit (2026-06-23): SSH hardening,
MCP socket, firewall, listening ports, service accounts,
external MCP servers. Each check has command + expected output.

OSA exceptions documented: password auth kept for dev access.
USB should be stricter — key-only SSH, no 0.0.0.0 bindings.

Skill saved: security-audit-clawdie (freebsd category)

clawdie merged commit 11e016686e into main

2026-06-23 15:26:24 +02:00

clawdie referenced this pull request from a commit

2026-06-23 15:26:26 +02:00

Merge pull request 'docs: security baseline — live USB boot checklist' (#122) from feature/0.12.0 into main

No reviewers

No labels

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: clawdie/clawdie-iso#122

No description provided.

Rows
Columns