Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Security of Masternodes
You will want to secure your machine with multiple levels of security. Within a few minutes of the machine being up, bots and hackers attempt to login and probe it for weakness.
At a minimum, you will want to setup UFW (Uncomplicated Fire Wall) and fail2ban.
The below commands give an example of how to set this up.
apt install ufw ufw allow ssh/tcp ufw limit ssh/tcp ufw allow 30303/tcp ufw allow 30303/udp ufw logging on ufw enable ufw status
Port 30303 is the only port required for use by tomo. There is optional ports 8595 and 8596 tcp that can be used for the API, however opening the API is a security risk and only for advanced users.
apt install fail2ban echo -e "# Permanently ban 7+ tries\n[DEFAULT]\nbantime = -1\n\n[sshd]\nenabled = true\nport = ssh\nfilter = sshd\nlogpath = /var/log/auth.log\nmaxretry = 7" > /etc/fail2ban/jail.local systemctl start fail2ban systemctl enable fail2ban fail2ban-client reload fail2ban-client status sshd
Note that the above permanently bans any ssh connection trying more than 7 times; THIS INCLUDES YOURSELF