RMU build Gen-1.5: IV. Best Practices - A. Proxmox Security

From Internet Computer Wiki
Revision as of 21:49, 28 February 2024 by Katie.peters (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This page is part of the Gen-1.5 RMU build runbook.

Go back to the previous section: III. Maas - E. Configure CHCP Subnet on MaaS

A. Proxmox Security (Recommended)

  1. Enable Proxmox Firewall Datacenter level
    • On the Proxmox WebUI, select Datacenter on the left panel, then in the middle panel, scroll down to Firewall -> Options and select the top Firewall configuration option in the main panel. Click on Edit at the top of the list.
    • Screenshot 2024-02-26 at 3.09.02 PM.png
    • On the pop-up dialog window, tick the Firewall box and select OK
    • Screenshot 2023-12-28 at 11.02.10 AM.png
  2. Enable Proxmox Firewall RMU level
    • On the Proxmox WebUI, select the RMU on the left panel, then in the middle panel, scroll down to Firewall -> Options and select the top Firewall configuration option in the main panel. Click on Edit at the top of the list.
    • Screenshot 2023-12-28 at 11.00.04 AM.png
    • On the pop-up dialog window, tick the Firewall box and select OK
    • Screenshot 2023-12-28 at 11.02.10 AM.png
  3. Disable RPCBIND
    • On the Proxmox WebUI, select the RMU on the left panel
    • Screenshot 2024-01-03 at 3.43.06 PM.png
    • Select Shell in the top right
    • Screenshot 2024-01-03 at 3.43.37 PM.png
    • Run these commands one at a time within that shell prompt
      systemctl disable rpcbind.target
systemctl disable rpcbind.socket
systemctl disable rpcbind.service
systemctl stop rpcbind.target
systemctl stop rpcbind.socket
systemctl stop rpcbind.service

Continue to next section: B. Install RACADM Tool on RMU

Go to the index of the Gen-1.5 RMU build runbook.

Retrieved from "https://wiki.internetcomputer.org/w/index.php?title=RMU_build_Gen-1.5:_IV._Best_Practices_-_A._Proxmox_Security&oldid=7466"