One major advantage of Home Assistant is that it’s not dependent on cloud services. Even if you’re only using Home Assistant on a local network, you should take steps to secure your instance.
- Protect your web interface with a password
- Secure your host. Sources could be Red Hat Enterprise Linux 7 Security Guide, CIS Red Hat Enterprise Linux 7 Benchmark, or the Securing Debian Manual.
- Restrict network access to your devices. Set
PermitRootLogin noin your sshd config (usually
/etc/ssh/sshd_config) and to use SSH keys for authentication instead of passwords.
- Don’t run Home Assistant as root – consider the Principle of Least Privilege.
- Keep your secrets safe.
If you want to allow remote access, consider these additional points: