● Applied and verified — the key still authenticates, now with SSH forwarding disabled (can't be used as a network pivot if the key ever leaks).
Backup saved.
Here's the honest picture and the two decisions that are genuinely yours to make (this is where I don't want to guess and risk locking you out):
What's already true (good): access = one key (this Hetzner box), over the tunnel only, key-only, no root, firewall + stealth on. So "only this Hetzner machine reaches it" is done.
One reachability note: FileVault is on, so after a reboot/power-loss the Mac won't come back online until someone enters the password at the console (PiKVM). That's a security-vs-availability tradeoff you should know about.
Access is already limited to this Hetzner key over the tunnel only. How much further should I restrict what that key can DO on the Mac (in case Hetzner/the key is ever compromised)?
1. Guardrail: block destructive
A forced-command wrapper that BLOCKS clearly-destructive commands (rm -rf, disk erase, shutdown, user/passwd changes) but allows all reactor-build + dev/build ops. Low friction, kills the worst case if the key leaks. Recommended.
2. Full build-only whitelist
The key can ONLY run reactor-build's defined operations; ALL arbitrary shell is blocked. Max security, but needs a reactor-build redesign and future ad-hoc admin must go through PiKVM.
3. Keep current (no command gate)
Hetzner-key-only + tunnel-only + no-forwarding + firewall is enough; keep full shell for the trusted reactors.