clawd/memory/security-baselines/forge.md

Forge (192.168.1.16) — Security Baseline

Established: 2026-02-22

SSH Authorized Keys (johan)

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG4TEk5EWIwLM3+/pU/H5qxZQlNUvIcxj72bYhYOZeQZ james@server ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4vdTyAAgy6PTsTLy64zQ8HwB3n3N3HQ3VfpLnItN7f johan@ubuntu2404 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICvQUpzuHN/+4xIS5dZSUY1Me7c17EhHRJdP5TkrfD39 claude@macbook ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIpdYKhUPal5p9oI6kN85PAB7oZ+j0P2+xCzvt1rord6 johanjongsma@Johans-MacBook-Pro.local ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5hDM45kOB8jxk+M4Kk9in9bpwZ90sSZsPBMbzJRkbF johan@thinkpad-x1

Expected Users (uid>=1000)

nobody:65534 (system) johan:1000

Expected Listening Ports

• 22 (SSH)
• 21 (vsftpd — known, ⚠️ review if needed)
• 139/445 (Samba)
• 8030 (message-bridge — all interfaces)
• 8080 (signal-cli — all interfaces)
• 8090 (OCR service — all interfaces)
• 9200 (james-dashboard)
• 9201 (docsys)
• 9202 (Fully dashboard)
• 9300 (dealroom)
• 9877/9878 (node)
• 9900 (docproc)
• 18789 (openclaw-gateway — all interfaces)
• 18792 (openclaw browser — localhost)
• 11434 (ollama — localhost)
• 8025 (message-center — localhost)
• 13001 (SSH tunnel to zurich:3001 — localhost)

Known Firewall State

UFW: NOT INSTALLED — ⚠️ no host firewall (relying on router/network controls)

Known Issues at Baseline

• UFW not installed (known deficiency)
• fail2ban not active
• vsftpd running on port 21 — needs review