Fabian Affolter 481320128f Re-organisation Documentation and Getting started (#2055)
* Split MQTT documentation

* Add more details

* Move content to /docs

* Enable sidebar

* Move content to /docs

* Enable sidebar

* Move content

* Update links

* Remove wizard stuff

* Enable sidebar

* Minor changes

* Move MQTT parts to /docs

* update links

* Update links and sync content

* Fix link

* Enable sidebar

* Remove navigation

* Remove navigation and other minor updates

* Update links

* Add overview page

* Make title linkable

* Update

* Plit content

* Update links

* Rearrange content

* New getting-started section

* Add icons for docs

* Update for new structure

* Update for new structure

* Add docs navigation

* Add docs overview page

* Remove ecosystem navigation

* Add docs and remove other collections

* Move ecosystem to docs

* Remove duplicate files

* Re-add ecosystem overview

* Move to ecosystem

* Fix permission

* Update navigation

* Remove collection

* Move overview to right folder

* Move mqtt to upper level

* Move notebook to ecosystem

* Remove un-used files

* Add one more rectangle for iOS

* Move two parts back from docs and rename Run step

* Remove colon

* update getting-started section

* Add redirect

* Update

* Update navigation
2017-02-23 11:09:41 +01:00

31 lines
1.7 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
layout: page
title: "Securing"
description: "Instructions how to secure your Home Assistant installation."
date: 2016-10-06 06:00
sidebar: true
comments: false
sharing: true
footer: true
redirect_from: /getting-started/securing/
---
One major advantage of Home Assistant is that it's not dependent on cloud services. Even if you're only using Home Assistant on a local network, you should take steps to secure your instance.
### {% linkable_title Checklist %}
- [Protect your web interface with a password](https://home-assistant.io/getting-started/basic/#password-protecting-the-web-interface)
- Secure your host. Sources could be [Red Hat Enterprise Linux 7 Security Guide](https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/pdf/Security_Guide/Red_Hat_Enterprise_Linux-7-Security_Guide-en-US.pdf), [CIS Red Hat Enterprise Linux 7 Benchmark](https://benchmarks.cisecurity.org/tools2/linux/CIS_Red_Hat_Enterprise_Linux_7_Benchmark_v1.0.0.pdf), or the [Securing Debian Manual](https://www.debian.org/doc/manuals/securing-debian-howto/index.en.html).
- Restrict network access to your devices. Set `PermitRootLogin no` in your sshd config (usually `/etc/ssh/sshd_config`) and to use SSH keys for authentication instead of passwords.
- Don't run Home Assistant as root consider the Principle of Least Privilege.
- Keep your [secrets](/topics/secrets/) safe.
If you want to allow remote access, consider these additional points:
- Protect your communication with [TLS](/blog/2015/12/13/setup-encryption-using-lets-encrypt/)
- Protect your communication with [Tor](/cookbook/tor_configuration/)
- Protect your communication with a [self-signed certificate](/cookbook/tls_self_signed_certificate/)
- Use a [proxy](/cookbook/apache_configuration/)