mirror of
https://github.com/home-assistant/home-assistant.io.git
synced 2025-05-02 01:07:36 +00:00
1.8 KiB
1.8 KiB
| title | description | redirect_from |
|---|---|---|
| Securing | Instructions on how to secure your Home Assistant installation. | /getting-started/securing/ |
One major advantage of Home Assistant is that it's not dependent on cloud services. Even if you're only using Home Assistant on a local network, you should take steps to secure your instance.
Checklist
Here's the summary of what you must do to secure your Home Assistant system:
- Configure secrets (but do remember to back them up)
- Regularly keep the system up to date
Remote Access
If you want secure remote access, the easiest option is to use Home Assistant cloud. Other options are to use TLS/SSL to expose your instance to the internet, use a VPN, Tor or an SSH tunnel.
Extras for manual installations
As well as the above we advise that you consider the following to improve security:
- For systems that use SSH set
PermitRootLogin noin your sshd configuration (usually/etc/ssh/sshd_config) and to use SSH keys for authentication instead of passwords. This is particularly important if you enable remote access to your SSH services. - Lock down the host following good practice guidance, for example:
- Securing Debian Manual (this also applies to Raspbian)
- Red Hat Enterprise Linux 7 Security Guide, CIS Red Hat Enterprise Linux 7 Benchmark