1.5 KiB
1.5 KiB
Forge (192.168.1.16) — Security Baseline
Established: 2026-02-22
SSH Authorized Keys (johan)
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG4TEk5EWIwLM3+/pU/H5qxZQlNUvIcxj72bYhYOZeQZ james@server ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4vdTyAAgy6PTsTLy64zQ8HwB3n3N3HQ3VfpLnItN7f johan@ubuntu2404 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICvQUpzuHN/+4xIS5dZSUY1Me7c17EhHRJdP5TkrfD39 claude@macbook ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIpdYKhUPal5p9oI6kN85PAB7oZ+j0P2+xCzvt1rord6 johanjongsma@Johans-MacBook-Pro.local ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5hDM45kOB8jxk+M4Kk9in9bpwZ90sSZsPBMbzJRkbF johan@thinkpad-x1
Expected Users (uid>=1000)
nobody:65534 (system) johan:1000 scanner:1001 (SMB scanner share user — added 2026-02)
Expected Listening Ports
- 22 (SSH)
- 21 (vsftpd — known, ⚠️ review if needed)
- 139/445 (Samba)
- 8030 (message-bridge — all interfaces)
- 8080 (signal-cli — all interfaces)
- 8090 (OCR service — all interfaces)
- 9200 (james-dashboard)
- 9201 (docsys)
- 9202 (Fully dashboard)
- 9300 (dealroom)
- 9877/9878 (node)
- 1984 (vault1984 — dev project, added 2026-03-01)
- 9900 (docproc)
- 18789 (openclaw-gateway — all interfaces)
- 18792 (openclaw browser — localhost)
- 11434 (ollama — localhost)
- 8025 (message-center — localhost)
- 13001 (SSH tunnel to zurich:3001 — localhost)
Known Firewall State
UFW: NOT INSTALLED — ⚠️ no host firewall (relying on router/network controls)
Known Issues at Baseline
- UFW not installed (known deficiency)
- fail2ban not active
- vsftpd running on port 21 — needs review