openclaw-secure-linux-cloud

作者: xixu-me

在云服务器上自托管OpenClaw时使用,用于加固远程OpenClaw网关、选择SSH隧道、Tailscale或反向代理暴露方式,或审查Podman、配对、沙箱、令牌认证及工具权限默认设置,以实现安全的个人部署。

npx skills add https://github.com/xixu-me/skills --skill openclaw-secure-linux-cloud
下载 ZIPGitHub

Overview

Use this skill for the conservative "deploy first, expose later" pattern for OpenClaw on a cloud server.

Default to a private control plane:

  • Harden the Linux host before exposing anything.
  • Keep the gateway bound to 127.0.0.1.
  • Reach the Control UI through an SSH tunnel first.
  • Keep token authentication, pairing, and sandboxing enabled.
  • Start with a narrow tool profile and loosen only with an explicit need.

This skill is for secure Linux cloud hosting. If the user only wants the fastest generic OpenClaw install on a local machine, prefer the official OpenClaw onboarding docs instead of forcing this flow.

Open references/REFERENCE.md when you need the command matrix, baseline config shape, checklist, or access-path comparison.

When To Use

Use this skill when the user mentions any of the following:

  • OpenClaw on a cloud server, VM, or other Linux host
  • Secure self-hosting, hardening, or "run it privately"
  • Podman, loopback binding, SSH tunneling, or remote Control UI access
  • Tailscale vs reverse proxy for OpenClaw
  • Pairing, sandboxing, token auth, or locked-down tool permissions
  • Reviewing whether an existing OpenClaw host is too exposed

Do not use this skill for:

  • General Linux hardening with no OpenClaw component
  • Local single-machine onboarding where remote access is irrelevant
  • Pure local onboarding with no remote-host hardening questions
  • Non-Linux hosting unless the user explicitly wants this Linux-first pattern adapted

Workflow

1. Classify the request

Put the task in one of these buckets before giving detailed guidance:

  1. Fresh deploy: the user wants to stand up OpenClaw securely on a Linux cloud host from scratch.
  2. Hardening review: the user already has OpenClaw running and wants to reduce exposure or audit risky defaults.
  3. Access-model decision: the user is choosing between SSH tunneling, Tailscale, or a reverse proxy.

2. Start from the secure baseline

Unless the user clearly asks for something else, recommend this baseline:

  • Harden the Linux host first: updates, SSH keys, SSH lock-down, and a default-deny inbound firewall matched to the distro.
  • Run OpenClaw under rootless Podman rather than as a root-owned long-lived process.
  • Keep the gateway on loopback only.
  • Keep the Control UI private and access it through an SSH tunnel.
  • Require token authentication.
  • Keep pairing enabled for inbound messaging channels.
  • Start with a minimal tool set and sandbox sessions by default.

Treat these as explicit red flags:

  • Binding the gateway to 0.0.0.0
  • Opening port 18789 to the public internet
  • Turning on broad runtime, filesystem, automation, or browser access by default
  • Leaving ~/.openclaw readable by other local users

3. Separate local and server actions

Always distinguish between:

  • Local machine actions: SSH key generation, tunnel setup, browser access
  • Server actions: Linux hardening, Podman install path, OpenClaw service setup, config permissions, service restarts

Do not blur the two execution contexts together. The user should be able to tell which commands run on their laptop and which run on the Linux host.

4. Ask only for blocking facts

Only stop for missing facts that change the safe path, such as:

  • Linux distro and host access details when package-manager or firewall commands matter
  • Whether OpenClaw is already installed
  • Whether the user truly needs repeated remote private access or public access
  • Whether an existing deployment is already reachable from the internet

If a detail is not safety-critical, make the reasonable secure assumption and state it.

5. Use the access escalation ladder

Recommend remote access in this order:

  1. SSH tunnel: default for first deployment and personal use
  2. Tailscale: next step when the user needs repeated private access across trusted devices
  3. Reverse proxy: only when the user explicitly needs public exposure and accepts the extra hardening burden

If the user asks for Tailscale or reverse proxy, still explain why the loopback binding and private-first model remain the baseline.

Output Expectations

For a fresh deployment, provide:

  • A short architecture summary
  • Local-vs-server steps
  • A conservative config baseline
  • A pre-launch checklist
  • A short "what not to expose" warning

For a hardening review, provide:

  • The likely risks in the current setup
  • A prioritized remediation sequence
  • Any immediate exposure concerns to fix before anything else

For an access-path decision, provide:

  • A recommendation
  • Why it is the lowest-risk fit
  • What extra safeguards are required if the user chooses a broader exposure model

Common Mistakes

  • Treating OpenClaw like a normal public web app on day one
  • Assuming auth alone replaces network boundaries
  • Turning on more tool power before the user has a clear workflow that needs it
  • Disabling pairing just to save time during early setup
  • Skipping follow-up audits after changing config or sandbox settings

Reference Usage

Use references/REFERENCE.md when you need:

  • The cross-distro hardening flow and Debian/Ubuntu example commands
  • The Podman-based OpenClaw setup outline
  • The baseline config skeleton
  • The pre-launch checklist
  • The day-to-day audit commands
  • The SSH tunnel vs Tailscale vs reverse-proxy comparison

来自 xixu-me 的更多技能

github-actions-docs
xixu-me
当用户询问如何编写、解释、自定义、迁移、保护或排查GitHub Actions工作流、工作流语法、触发器、矩阵、运行器、可复用工作流、制品、缓存、密钥、OIDC、部署、自定义操作或Actions Runner Controller时使用,尤其是当用户需要官方GitHub文档、精确链接或基于文档的YAML指导时。
developmentdevopsdocument
use-my-browser
xixu-me
当工作依赖于用户的实时浏览器会话或可见渲染状态而非静态抓取时使用,尤其适用于浏览器调试场景、DevTools选中的元素或请求、已登录的仪表盘或CMS流程、本地应用、表单、上传、下载、媒体检查、DOM或iframe检查、Shadow DOM,以及表现为软404、认证墙、反爬虫检测或速率限制的浏览器故障。
browser-automationweb-scrapingtesting
readme-i18n
xixu-me
当用户想要翻译仓库的README、使仓库支持多语言、本地化文档、添加语言切换器、国际化README,或更新GitHub风格仓库中的本地化README变体时使用。
documentdevelopmentapi
develop-userscripts
xixu-me
在构建、调试、打包或发布用于Tampermonkey或ScriptCat的浏览器用户脚本时使用,包括GM API、元数据块、权限问题、@match/@grant/@connect设置、ScriptCat后台或定时脚本、UserConfig块或订阅工作流。
developmentbrowser-automationweb-scraping
secure-linux-web-hosting
xixu-me
Use when setting up, hardening, or reviewing a cloud server for self-hosting, including DNS, SSH, firewalls, Nginx, static-site hosting, reverse-proxying an app, HTTPS with Let's Encrypt or ACME clients, safe HTTP-to-HTTPS redirects, or optional post-launch network tuning such as BBR.
devopssecurityaws
opensource-guide-coach
xixu-me
当用户希望获得关于启动、贡献、发展、治理、资助、保护或维护开源项目的指导,或询问贡献者入职、社区健康、维护者倦怠、行为准则、指标、法律基础或开源项目采用等问题时使用。
developmentresearch
running-claude-code-via-litellm-copilot
xixu-me
Use when routing Claude Code through a local LiteLLM proxy to GitHub Copilot, reducing direct Anthropic spend, configuring ANTHROPIC_BASE_URL or ANTHROPIC_MODEL overrides, or troubleshooting Copilot proxy setup failures such as model-not-found, no localhost traffic, or GitHub 401/403 auth errors.
developmentapidevops
skills-cli
xixu-me
Use when users ask to discover, install, list, check, update, remove, back up, restore, sync, or initialize Agent Skills, mention `bunx skills`, `npx skills`, `skills.sh`, or `skills-lock.json`, ask "find a skill for X", or want help extending agent capabilities with installable skills.
developmentapiproductivity