Hot wallet masternodes - are they that unsafe?

stonehedge

stonehedge

Well-known member
Foundation Member
Hi,

If somebody is running a masternode under the following conditions:

  • Hot wallet on masternode server
  • Wallet encrypted with 48+ random character/number passphrase
  • All ports other than 9999 closed apart from 22 to own static IP when access is needed.
  • Wallet backed up regularly.
  • Bash cleared each time passphrase is used on server.

What are the actual risks of being hacked and losing funds? To me, it feels low risk if you have wallet backups and strong (and safe) passphrase.

I suppose your security is only as strong as your likelihood not to make mistakes...

Dan
 
I'm running some* hot nodes. Low risk if you do the following:
  • Just make sure your passphrase is very strong.
  • Make sure the passphrase never enters history, e.g use `head -1`
  • Link .bash_history agains /dev/null.
  • Use EC2 security groups wisely, don't use cheap hosters which allow root login by default.
  • Use iptables wisely.
  • Never log in again if the node is running. If something is wrong, terminate the instance and set up a new one.
*) 50+
 
vertoe said:
I'm running some* hot nodes. Low risk if you do the following:
  • Just make sure your passphrase is very strong.
  • Make sure the passphrase never enters history, e.g use `head -1`
  • Link .bash_history agains /dev/null.
  • Use EC2 security groups wisely, don't use cheap hosters which allow root login by default.
  • Use iptables wisely.
  • Never log in again if the node is running. If something is wrong, terminate the instance and set up a new one.
*) 50+
Click to expand...

Wise advice.

I set up quite a few hot wallet masternodes in testnet and it got me thinking about how much simpler the process is.

I love your expression "ensure your passphrase never enters history". I shall apply that systematically and philosophically should I choose to run any hot nodes :)
 
stonehedge said:
Wise advice.

I set up quite a few hot wallet masternodes in testnet and it got me thinking about how much simpler the process is.

I love your expression "ensure your passphrase never enters history". I shall apply that systematically and philosophically should I choose to run any hot nodes :)
Click to expand...

I just put a space in the front of any command you do not want in history.


#darkcoind masternode start pass << goes in history
# darkcoind masternode start pass << no history
 
You must log in or register to reply here.
Back
Top