Skip to content
ShipNode

shipnode harden

View raw .md Open in Claude Open in ChatGPT
Terminal window
npx shipnode harden

Idempotent. Applies:

  • SSH: disable password auth, disable root login, restrict to key auth
  • UFW firewall: allow 22, 80, 443; deny everything else
  • fail2ban: enable with the SSH jail
  • Unattended security upgrades

Pair with shipnode doctor --security to audit afterwards.

Options

Section titled “Options”
FlagPurpose
--config <path>Use a non-default config file.