CHAIN DIGITAL | services for nodes
  • About CHAIN DIGITAL
  • Testnets
    • Celestia
      • Install
        • Full node
        • Bridge node
      • Upgrade
      • API/Snapshot/AddrBook
      • Useful Commands
      • Monitoring a Celestia consensus node
      • Celestia Validator monitoring guide with tenderduty
    • Walrus
      • Guide for Node Operators
  • MAINNETS
    • Celestia
      • Install
        • Full node
        • Bridge node
      • Upgrade
      • Useful Commands
    • Kusama
      • Install
      • Upgrade
      • RPC and Snapshot
      • Useful Commands
    • Polkadot
      • Install
      • Upgrade
      • RPC and Snapshot
      • Useful Commands
    • Sui
      • Sui Full Node
      • Sui Validator Node
  • VALIDATOR SECURITY
    • Server Security for Validators
Powered by GitBook
On this page
  1. VALIDATOR SECURITY

Server Security for Validators

PreviousSui Validator Node

Last updated 8 months ago

For an in-depth guide on securing validator nodes, refer to .

This article provides a comprehensive guide on securing a server, particularly for blockchain validators.

It covers essential steps such as changing the default SSH port, setting up a non-root user, enforcing private key login, and configuring a firewall using UFW and fail2ban.

It also explains secure validator key management using TMKMS for remote signing, automatic failover with Keepalived, and Shamir’s Secret Sharing for key splitting.

Additionally, it introduces sentry nodes to mitigate DDoS attacks. These strategies aim to enhance both server and validator security.

How to Secure Your Server: From Changing the SSH Port to Managing Validator Keys with TMKMS