{"id":"2713c1f8-7309-46a5-be02-7073afdb34aa","shortId":"KvM7yr","kind":"skill","title":"Openclaw Secure Linux Cloud","tagline":"Skills skill by Xixu Me","description":"## Overview\n\nUse this skill for the conservative \"deploy first, expose later\" pattern for\nOpenClaw on a cloud server.\n\nDefault to a private control plane:\n\n- Harden the Linux host before exposing anything.\n- Keep the gateway bound to `127.0.0.1`.\n- Reach the Control UI through an SSH tunnel first.\n- Keep token authentication, pairing, and sandboxing enabled.\n- Start with a narrow tool profile and loosen only with an explicit need.\n\nThis skill is for secure Linux cloud hosting. If the user only wants the\nfastest generic OpenClaw install on a local machine, prefer the official\nOpenClaw onboarding docs instead of forcing this flow.\n\nOpen [`references/REFERENCE.md`](./references/REFERENCE.md) when you need the\ncommand matrix, baseline config shape, checklist, or access-path comparison.\n\n## When To Use\n\nUse this skill when the user mentions any of the following:\n\n- OpenClaw on a cloud server, VM, or other Linux host\n- Secure self-hosting, hardening, or \"run it privately\"\n- Podman, loopback binding, SSH tunneling, or remote Control UI access\n- Tailscale vs reverse proxy for OpenClaw\n- Pairing, sandboxing, token auth, or locked-down tool permissions\n- Reviewing whether an existing OpenClaw host is too exposed\n\nDo not use this skill for:\n\n- General Linux hardening with no OpenClaw component\n- Local single-machine onboarding where remote access is irrelevant\n- Pure local onboarding with no remote-host hardening questions\n- Non-Linux hosting unless the user explicitly wants this Linux-first pattern\n  adapted\n\n## Workflow\n\n### 1. Classify the request\n\nPut the task in one of these buckets before giving detailed guidance:\n\n1. **Fresh deploy**: the user wants to stand up OpenClaw securely on a Linux\n   cloud host from scratch.\n2. 
**Hardening review**: the user already has OpenClaw running and wants to\n   reduce exposure or audit risky defaults.\n3. **Access-model decision**: the user is choosing between SSH tunneling,\n   Tailscale, or a reverse proxy.\n\n### 2. Start from the secure baseline\n\nUnless the user clearly asks for something else, recommend this baseline:\n\n- Harden the Linux host first: updates, SSH keys, SSH lock-down, and a\n  default-deny inbound firewall matched to the distro.\n- Run OpenClaw under rootless Podman rather than as a root-owned long-lived\n  process.\n- Keep the gateway on loopback only.\n- Keep the Control UI private and access it through an SSH tunnel.\n- Require token authentication.\n- Keep pairing enabled for inbound messaging channels.\n- Start with a minimal tool set and sandbox sessions by default.\n\nTreat these as explicit red flags:\n\n- Binding the gateway to `0.0.0.0`\n- Opening port `18789` to the public internet\n- Turning on broad runtime, filesystem, automation, or browser access by\n  default\n- Leaving `~/.openclaw` readable by other local users\n\n### 3. Separate local and server actions\n\nAlways distinguish between:\n\n- **Local machine actions**: SSH key generation, tunnel setup, browser access\n- **Server actions**: Linux hardening, Podman install path, OpenClaw service\n  setup, config permissions, service restarts\n\nDo not blur the two execution contexts together. The user should be able to\ntell which commands run on their laptop and which run on the Linux host.\n\n### 4. 
Ask only for blocking facts\n\nOnly stop for missing facts that change the safe path, such as:\n\n- Linux distro and host access details when package-manager or firewall\n  commands matter\n- Whether OpenClaw is already installed\n- Whether the user truly needs repeated remote private access or public access\n- Whether an existing deployment is already reachable from the internet\n\nIf a detail is not safety-critical, make the reasonable secure assumption and\nstate it.\n\n### 5. Use the access escalation ladder\n\nRecommend remote access in this order:\n\n1. **SSH tunnel**: default for first deployment and personal use\n2. **Tailscale**: next step when the user needs repeated private access across\n   trusted devices\n3. **Reverse proxy**: only when the user explicitly needs public exposure and\n   accepts the extra hardening burden\n\nIf the user asks for Tailscale or reverse proxy, still explain why the loopback\nbinding and private-first model remain the baseline.\n\n## Output Expectations\n\nFor a fresh deployment, provide:\n\n- A short architecture summary\n- Local-vs-server steps\n- A conservative config baseline\n- A pre-launch checklist\n- A short \"what not to expose\" warning\n\nFor a hardening review, provide:\n\n- The likely risks in the current setup\n- A prioritized remediation sequence\n- Any immediate exposure concerns to fix before anything else\n\nFor an access-path decision, provide:\n\n- A recommendation\n- Why it is the lowest-risk fit\n- What extra safeguards are required if the user chooses a broader exposure\n  model\n\n## Common Mistakes\n\n- Treating OpenClaw like a normal public web app on day one\n- Assuming auth alone replaces network boundaries\n- Turning on more tool power before the user has a clear workflow that needs it\n- Disabling pairing just to save time during early setup\n- Skipping follow-up audits after changing config or sandbox settings\n\n## Reference Usage\n\nUse [`references/REFERENCE.md`](./references/REFERENCE.md) 
when you need:\n\n- The cross-distro hardening flow and Debian/Ubuntu example commands\n- The Podman-based OpenClaw setup outline\n- The baseline config skeleton\n- The pre-launch checklist\n- The day-to-day audit commands\n- The SSH tunnel vs Tailscale vs reverse-proxy comparison","tags":["openclaw","secure","linux","cloud","skills","xixu-me"],"capabilities":["skill","source-xixu-me","category-skills"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/xixu-me/skills/openclaw-secure-linux-cloud","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"install_from":"skills.sh"}},"qualityScore":"0.300","qualityRationale":"deterministic score 0.30 from registry signals: · indexed on skills.sh · published under xixu-me/skills","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill:v1","enrichmentVersion":1,"enrichedAt":"2026-04-24T02:40:12.233Z","embedding":null,"createdAt":"2026-04-18T20:23:41.911Z","updatedAt":"2026-04-24T02:40:12.233Z","lastSeenAt":"2026-04-24T02:40:12.233Z","prices":[{"id":"dd0a3309-9821-469c-b5a5-03d8147f5ae8","listingId":"2713c1f8-7309-46a5-be02-7073afdb34aa","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"xixu-me","category":"skills","install_from":"skills.sh"},"createdAt":"2026-04-18T20:23:41.911Z"}],"sources":[{"listingId":"2713c1f8-7309-46a5-be02-7073afdb34aa","source":"github","sourceId":"xixu-me/skills/openclaw-secure-linux-cloud","sourceUrl":"https://github.com/xixu-me/skills/tree/main/skills/openclaw-secure-linux-cloud","isPrimary":false,"firstSeenAt":"2026-04-18T22:19:16.486Z","lastSeenAt":"2026-04-24T00:56:33.880Z"},{"listingId":"2713c1f8-7309-46a5-be02-7073afdb34aa","source":"skills_sh","sourceId":"xixu-me/skills/openclaw-secure-linux-cloud","sourceUrl":"https://skills.sh/xixu-me/skills/openclaw-secure-linux-cloud","isPrimary":true,"firstSeenAt":"2026-04-18T20:23:41.911Z","lastSeenAt":"2026-04-24T02:40:12.233Z"}],"details":{"listingId":"2713c1f8-7309-46a5-be02-7073afdb34aa","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"xixu-me","slug":"openclaw-secure-linux-cloud","source":"skills_sh","category":"skills","skills_sh_url":"https://skills.sh/xixu-me/skills/openclaw-secure-linux-cloud"},"updatedAt":"2026-04-24T02:40:12.233Z"}}
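The skill description above lists three "explicit red flags" for a hardening review (gateway bound to `0.0.0.0`, port `18789` reachable from off the host, `~/.openclaw` readable by other local users) but gives no command to detect them. The following is an added example, not code from the xixu-me skill, the REFERENCE.md it points to, or OpenClaw itself: a small server-side audit that checks listeners and config-directory permissions and fails on any red flag. It assumes the gateway port is `18789` as the description states, that listener lines are in `ss -ltn` format, that GNU `stat` is available (Linux), and that the config directory is `$HOME/.openclaw`; the function names are mine.

```shell
#!/usr/bin/env bash
# Added example (not part of the xixu-me skill or of OpenClaw).
# Audits a Linux host for the skill's "explicit red flags":
#   - the gateway listening on 0.0.0.0 / [::] / * instead of loopback
#   - port 18789 reachable on a non-loopback address
#   - ~/.openclaw readable by other local users (anything but mode 700)
# Assumptions: gateway port 18789 (from the skill text), `ss -ltn` output
# format, GNU `stat -c`, config dir at $HOME/.openclaw. Names are hypothetical.
set -u

GATEWAY_PORT="${GATEWAY_PORT:-18789}"

# is_loopback ADDR -> 0 if ADDR is a loopback address as printed by ss.
is_loopback() {
  case "$1" in
    127.*|"[::1]"|::1) return 0 ;;
    *) return 1 ;;
  esac
}

# audit_listeners reads `ss -ltn` output on stdin, prints one verdict per
# listener on GATEWAY_PORT, and returns 1 if any of them is non-loopback.
# Other ports (e.g. sshd on 0.0.0.0:22) are out of scope and ignored.
audit_listeners() {
  local bad=0 state="" recvq sendq local_addr rest addr port
  while read -r state recvq sendq local_addr rest || [ -n "$state" ]; do
    [ "$state" = "LISTEN" ] || continue      # skips the header and blank lines
    port="${local_addr##*:}"                # "127.0.0.1:18789" -> "18789"
    addr="${local_addr%:*}"                 # "127.0.0.1:18789" -> "127.0.0.1"
    [ "$port" = "$GATEWAY_PORT" ] || continue
    if is_loopback "$addr"; then
      echo "OK   gateway listener on loopback only: $local_addr"
    else
      echo "FAIL gateway listener reachable off-host: $local_addr (bind to 127.0.0.1 and tunnel in)"
      bad=1
    fi
  done
  return "$bad"
}

# audit_config_dir DIR -> 0 if DIR is absent or owner-only (mode 700),
# 1 if group or world can read it.
audit_config_dir() {
  local dir="$1" mode
  [ -d "$dir" ] || { echo "SKIP $dir not present"; return 0; }
  mode="$(stat -c %a "$dir")"
  if [ "$mode" = "700" ]; then
    echo "OK   $dir is owner-only (mode $mode)"
    return 0
  fi
  echo "FAIL $dir is mode $mode (other local users can read it); run: chmod 700 $dir"
  return 1
}

# Runs both checks against the live host; fails if either finds a red flag.
main() {
  local rc=0
  ss -ltn | audit_listeners || rc=1
  audit_config_dir "${HOME}/.openclaw" || rc=1
  return "$rc"
}

# Only audit the live host when invoked as `bash openclaw-audit.sh run`,
# so the functions can also be sourced and unit-tested with canned input.
case "${1:-}" in
  run) main ;;
esac
```

Run it on the server (`bash openclaw-audit.sh run`), never on the laptop, keeping with the skill's rule of separating server actions from local ones; a non-zero exit means at least one red flag is present and should be fixed before any remote-access path beyond the SSH tunnel is considered. The tunnel itself is the local-machine half of the pattern: with a hypothetical `user@host`, `ssh -N -L 18789:127.0.0.1:18789 user@host` forwards the loopback-bound gateway port to the laptop without ever opening `18789` inbound on the host.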