While we emphasize security in our setup documentation, we would like to highlight ways in which you can continue to maintain a secure environment.
Please review this document periodically.
DigitalOcean supports two-factor authentication for your account. Enabling it protects against someone who obtains access to your email account and then to your DigitalOcean account, where they could issue a root password for your droplet.
To enable it, click the gear icon in the lower-left corner, then ‘Enable 2-factor authentication’, which will prompt you for an SMS number and to configure the Google Authenticator app.
SSH provides cryptographic-level security for the server that controls your Bitcoin Machine and wallet. When creating a new droplet, please always select your SSH key.
Not doing so generates a root password that is sent to your email address. A root password means that anyone who has this password could log into your server (and it could be exposed in any number of ways). With an SSH key, only someone who possesses the private key (a local file on your computer) can access your server.
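To confirm that a droplet really accepts SSH keys only, you can check the SSH server's effective settings. The following is an added example, not part of Lamassu's tooling: the function name `audit_sshd` and both sample configurations are constructed for illustration, and it assumes an OpenSSH server whose `sshd -T` command prints the effective settings.

```shell
#!/bin/sh
# Added example (not Lamassu's code). audit_sshd is a hypothetical helper.
# Reads effective OpenSSH server settings ("keyword value" lines, as printed
# by `sshd -T`) on stdin, prints one line per setting that allows
# password-based access, and returns 1 if any were found.
audit_sshd() {
    awk '
        { key = tolower($1); val = tolower($2) }
        key == "passwordauthentication" && val == "yes" {
            print "FAIL: passwordauthentication yes (password logins accepted)"; bad = 1 }
        (key == "kbdinteractiveauthentication" || key == "challengeresponseauthentication") && val == "yes" {
            print "FAIL: " key " yes (PAM may prompt for a password)"; bad = 1 }
        key == "permitrootlogin" && val == "yes" {
            print "FAIL: permitrootlogin yes (root login allowed, by password if enabled)"; bad = 1 }
        key == "pubkeyauthentication" && val == "no" {
            print "FAIL: pubkeyauthentication no (SSH keys are rejected)"; bad = 1 }
        END { exit (bad + 0) }
    '
}

# Constructed sample: droplet created without an SSH key.
sample_password_droplet() {
    cat <<'EOF'
permitrootlogin yes
passwordauthentication yes
pubkeyauthentication yes
EOF
}

# Constructed sample: droplet that accepts SSH keys only.
sample_key_only_droplet() {
    cat <<'EOF'
permitrootlogin prohibit-password
passwordauthentication no
kbdinteractiveauthentication no
pubkeyauthentication yes
EOF
}

# Demo on the constructed samples. On a real server, run as root:
#   sshd -T | audit_sshd
sample_password_droplet | audit_sshd || echo "=> password access is possible"
sample_key_only_droplet | audit_sshd && echo "=> key-only access"
```

Feed it the output of `sshd -T` rather than the raw configuration file, since the effective settings also reflect defaults and included files.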
We strongly recommend turning the admin off during regular operation, when you are not making changes to your system, such as changing the commission. This will have no effect on the machine’s operation but eliminates a host of potential attack vectors. To do so, in your server, run:
If you wish to access the admin, run:
Afterwards, you may access your admin as before at https://:8081
We will be adding instructions to disable the admin on server reboot.
To ensure your admin session is not saved, when accessing via Firefox or Chrome, do so only in a ‘Private Window’ or in ‘Incognito mode’ (respectively).
If you have previously logged into the admin in a browser without using a private window, you may log out of any saved session by running in your server:
We encourage you to periodically change the admin’s password. See section below ‘What makes for a secure password?’
You may do this by running lamassu-passwd within your server. For example, if your admin’s username is foobar, run:
A bitcoind wallet resides solely on your server, with daily backups encrypted with your PGP key. If your server is secured via SSH, your DigitalOcean account is protected by 2-factor authentication, and your PGP and SSH keys are kept safeguarded, using bitcoind is the most secure option.
Please review our setup documentation for migrating to bitcoind.
It is important to keep only as much bitcoin in your machine’s wallet as is needed for a day or two’s transactions. This will limit your exposure due to any oversights in security, as well as minimizing the float needed for operation.
Always ensure you’re accessing BitGo via https, that their certificate is valid, and you type their URL directly into your browser (rather than follow a link which may be phishing for your credentials).
Do not use Tor Browser or Tor routing services due to the possibility of malicious Tor exit nodes.
Password security is extremely important for safeguarding your machine or wallet. We recommend periodically reassessing and updating your passwords for the following accounts:
- DigitalOcean (also, add two-factor authentication)
- Lamassu Admin
- BitGo wallet
- Email address (if possible, add two-factor authentication)
Also, keep safe your PGP keypair (important for bitcoind wallets) and SSH keypair. We recommend creating offline backups of these, securely stored.