Hardening Guide

Set Up h-cli Securely in Minutes

Dedicated user, read-only credentials, scoped access. Deploy h-cli the way you'd deploy any monitoring tool.

1. Create a Dedicated User on Your Managed Devices

On every server, router, or switch that h-cli will connect to, create a dedicated unprivileged user. This is not for the h-cli container — it's for the remote devices h-cli manages.

On your managed Ubuntu / Debian servers
# Create a restricted user for h-cli to SSH into. useradd leaves the password
# locked, which is what you want with key-based login
sudo useradd -m -s /bin/bash hcli
# Optional: only if h-cli must use a password instead of a key on this host
sudo passwd hcli
# No sudo access. A fresh account is not in the sudo group; this undoes it if
# someone added it by hand. h-cli's default sudo whitelist names the commands
# symlinked below, and an empty list on the h-cli side disables sudo entirely
# (fail-closed). tcpdump and iptables need root, so without a sudoers rule
# limited to exactly those commands they will simply fail for this account
sudo deluser hcli sudo 2>/dev/null
# Optional: restricted shell with a private bin directory. rbash blocks PATH
# changes and slashes in command names; it does not stop a permitted tool from
# spawning programs itself (nmap --script, tcpdump -z), so treat it as one
# layer, not the boundary
sudo usermod -s /bin/rbash hcli
sudo mkdir -p /home/hcli/bin
# Symlink only the commands h-cli needs (sbin dirs included in the lookup,
# since a non-root PATH usually lacks them)
for cmd in nmap tcpdump traceroute mtr ping ss ip iptables; do
  p=$(PATH=$PATH:/usr/sbin:/sbin command -v "$cmd") && sudo ln -sf "$p" /home/hcli/bin/
done
# NOTE: h-cli's own containers are already hardened with
# 44 security items, non-root, read-only filesystems, etc.
# This step hardens the REMOTE servers h-cli connects to.
# Lock PATH to only the bin directory. Both start-up files must be root-owned:
# .bash_profile is read by login shells, and Debian/Ubuntu bash also reads
# .bashrc for commands run over ssh ("ssh hcli@host nmap ..."), which is how
# h-cli calls in
echo 'export PATH=/home/hcli/bin' | sudo tee /home/hcli/.bash_profile /home/hcli/.bashrc
sudo chown root:root /home/hcli/.bash_profile /home/hcli/.bashrc
sudo chmod 644 /home/hcli/.bash_profile /home/hcli/.bashrc
# The home directory must not be writable by hcli either, or those root-owned
# files can simply be deleted and replaced
sudo chown root:root /home/hcli
sudo chmod 755 /home/hcli
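A forced command is the robust version of the rbash step: sshd hands every command line to a wrapper, and only the listed tools, written as plain arguments, get through. The script below is an added example written for this guide, not h-cli's own code. The tool list mirrors the symlinks above; the deny rules for nmap, tcpdump and ip are an assumed starting list, and the install path /usr/local/bin/hcli-wrapper is a choice, not something h-cli requires.

```shell
#!/bin/sh
# hcli-wrapper: a forced command for the hcli key on a managed Linux host.
# Added example for this guide, not part of h-cli. Install it as
# /usr/local/bin/hcli-wrapper (root-owned, mode 755) and reference it from a
# root-owned key file named by AuthorizedKeysFile in sshd_config, as:
#   command="/usr/local/bin/hcli-wrapper",restrict ssh-ed25519 AAAA... hcli
# "restrict" disables pty, agent/port/X11 forwarding and ~/.ssh/rc; sshd then
# runs this script with the client's command line in SSH_ORIGINAL_COMMAND.
set -eu
set -f   # no pathname expansion: the client's words are never globbed

# Tools h-cli may run remotely (the same list as the rbash step above).
HCLI_ALLOWED_BIN="nmap tcpdump traceroute mtr ping ss ip iptables"
# Fixed PATH, never taken from the client.
HCLI_PATH=/usr/bin:/usr/sbin:/bin:/sbin

# Options or subcommands that make an otherwise read-only tool execute other
# programs or write files. Assumed starting list; audit each tool you allow.
denied_arg() { # BIN ARG -> 0 when ARG must be refused for BIN
  case "$1 $2" in
    "nmap --script"*|"nmap --datadir"*|"nmap -sC"|"nmap -A") return 0 ;;  # NSE runs Lua
    "tcpdump -z"*|"tcpdump -w"*) return 0 ;;  # -z runs a command per file, -w writes files
    "ip netns"*) return 0 ;;                  # "ip netns exec" runs a command
  esac
  return 1
}

# 0 when CMDLINE is a plain argv for an allowed tool: one line, no quotes,
# redirections, pipes or substitutions, and the binary named without a path.
hcli_allowed() {
  nl='
'
  case $1 in ''|*"$nl"*) return 1 ;; esac
  printf '%s\n' "$1" | grep -Eq '^[A-Za-z0-9][A-Za-z0-9._-]*( +[A-Za-z0-9._/:,=+@%-]+)*$' || return 1
  set -- $1   # safe: the pattern above admits no separator but space and no glob characters
  case " $HCLI_ALLOWED_BIN " in *" $1 "*) ;; *) return 1 ;; esac
  bin=$1; shift
  for arg in "$@"; do
    denied_arg "$bin" "$arg" && return 1
  done
  return 0
}

hcli_main() {
  cmd=${SSH_ORIGINAL_COMMAND:-}
  if ! hcli_allowed "$cmd"; then
    logger -t hcli-wrapper "denied ${SSH_CLIENT:-?}: ${cmd:-<no command>}" 2>/dev/null || true
    printf 'hcli-wrapper: command not permitted\n' >&2
    exit 126
  fi
  logger -t hcli-wrapper "run ${SSH_CLIENT:-?}: $cmd" 2>/dev/null || true
  set -- $cmd
  PATH=$HCLI_PATH; export PATH
  exec "$@"
}

# Only act when installed under the wrapper's name, so sourcing this file (or
# running it as a test) never executes anything.
case $0 in */hcli-wrapper|hcli-wrapper) hcli_main ;; esac
```

Verify from the h-cli host: `ssh hcli@server 'ping -c 1 10.0.0.1'` runs, while `ssh hcli@server bash` and a plain `ssh -t hcli@server` are refused (the latter because `restrict` denies the pty and no command arrives). Every accepted and refused command line is logged through logger, which gives your SIEM a per-command record of what the AI actually ran on the box.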
2. Read-Only Device Credentials

Create read-only users on your network devices. h-cli only reads state from them; write access would add risk without adding anything it uses.

Juniper Junos
# Create a read-only login class. "view" covers operational show commands;
# "view-configuration" also lets the user display the configuration, including
# every configured secret (Junos $9$ obfuscation is reversible), so drop it
# unless h-cli has to read config
set system login class h-cli-readonly permissions [ view view-configuration ]
set system login class h-cli-readonly deny-commands "(clear|request|start|restart|edit|delete|set)"
# Create the user with that class. Junos wants the whole public-key line in
# quotes, key type included
set system login user hcli class h-cli-readonly
set system login user hcli authentication ssh-ed25519 "ssh-ed25519 AAAA...your-public-key... hcli"
Cisco IOS / IOS-XE
! Create read-only user. privilege 1 is user EXEC: show commands, no
! configuration. "secret" stores a hash (a "password" line would not); the 0
! marks the text that follows as plaintext to be hashed
username hcli privilege 1 secret 0 YourSecurePassword
! privilege 1 only holds if the account cannot reach "enable": never hand
! h-cli the enable secret, and limit the vty lines with an access-class to
! the h-cli host
! Or with SSH key authentication (the privilege level still comes from the
! username line above; older IOS accepts only RSA keys in a pubkey-chain, so
! confirm ed25519 support on your release)
ip ssh pubkey-chain
username hcli
key-string
AAAA...your-public-key...
exit
exit
Arista EOS
! Create read-only role. Rules are regular expressions tried in order, so
! write "show .*"; "show *" is the regex for "sho" followed by any number of w
role h-cli-readonly
10 permit command show .*
20 deny command .*
! Create user with that role; nopassword means key-only login
username hcli role h-cli-readonly nopassword
username hcli ssh-key ssh-ed25519 AAAA...your-public-key...
! Roles are only enforced once command authorization is switched on
aaa authorization commands all default local
3. Read-Only API Tokens

Create scoped, read-only tokens for your tools: h-cli only queries them, so nothing it does needs write access. The export lines below name the variables h-cli reads; put the values in the env file of step 5 rather than typing them into a shell, where they would end up in history.

NetBox
# In the NetBox UI, as an admin:
#   1. Create the user hcli (not a superuser, not staff).
#   2. Give it one object permission with only the "view" action, scoped to
#      the object types h-cli needs. A token never grants more than its user
#      has, so this permission is the real limit.
#   3. Add an API token for that user: Write enabled: No, and Allowed IPs
#      set to the h-cli host only (NetBox 3.1 and later).
# Store the token securely (env file, step 5)
export NETBOX_TOKEN="your-read-only-token"
export NETBOX_URL="https://netbox.internal.example.com"
Grafana
# In Grafana: Administration > Service Accounts
# Create service account: hcli
# Role: Viewer (not Editor, not Admin)
# Generate a token for the service account; give it an expiry and rotate it
export GRAFANA_TOKEN="your-viewer-token"
export GRAFANA_URL="https://grafana.internal.example.com"
EVE-NG
# Create a dedicated EVE-NG user via the web UI
# Role: User (not Admin)
# Assign only the labs h-cli needs access to
export EVENG_USER="hcli"
export EVENG_PASS="your-secure-password"
export EVENG_URL="https://eve-ng.internal.example.com"
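Before wiring a token into h-cli, check that it is read-only by behaviour rather than by label. The script below is an added example for this guide, not part of h-cli: it probes one read and one write with curl and classifies the pair of status codes. The write sends an empty JSON object, which can never create anything; a write-capable token gets a 400 validation error where a read-only one gets 403 before the body is looked at, and that difference is the signal. The NetBox and Grafana paths in the usage comment are real API endpoints; the stubbed `http_code` in the test is constructed.

```shell
#!/bin/sh
# Confirms that an API token is read-only in practice. Added example for this
# guide, not part of h-cli. The write probe posts "{}" so that even a
# write-capable token creates nothing: the server answers 400 (validation)
# instead of 403 (forbidden), which is what we want to detect.
set -eu

# Prints the HTTP status code only. Redefine it to stub the network in tests.
http_code() { # METHOD URL AUTH_HEADER
  if [ "$1" = GET ]; then
    curl -sS -o /dev/null -w '%{http_code}' -H "$3" "$2"
  else
    curl -sS -o /dev/null -w '%{http_code}' -X "$1" -H "$3" \
         -H 'Content-Type: application/json' --data '{}' "$2"
  fi
}

# Verdict from the two status codes; succeeds only for a usable read-only token.
token_verdict() { # GET_CODE POST_CODE
  case "$1/$2" in
    200/403)                 echo "read-only" ;;
    200/400|200/200|200/201) echo "WRITABLE: the write got through to validation"; return 1 ;;
    401/*|403/*)             echo "unusable: read denied with $1 (bad token, no view permission, or source IP not allowed)"; return 1 ;;
    *)                       echo "inconclusive: GET $1, POST $2 (check the URLs)"; return 1 ;;
  esac
}

# probe_token NAME READ_URL WRITE_URL AUTH_HEADER
probe_token() {
  get=$(http_code GET "$2" "$4")
  post=$(http_code POST "$3" "$4")
  if verdict=$(token_verdict "$get" "$post"); then
    printf '%s: %s\n' "$1" "$verdict"
  else
    printf '%s: %s\n' "$1" "$verdict" >&2
    return 1
  fi
}

# Usage with the variables from step 5 in the environment. The write probes
# target NetBox sites and Grafana folders; any object type the hcli user must
# not be able to create works just as well.
#   probe_token NetBox  "$NETBOX_URL/api/dcim/sites/?limit=1" \
#                       "$NETBOX_URL/api/dcim/sites/" "Authorization: Token $NETBOX_TOKEN"
#   probe_token Grafana "$GRAFANA_URL/api/org" \
#                       "$GRAFANA_URL/api/folders" "Authorization: Bearer $GRAFANA_TOKEN"
```

Run it from the host that will carry the h-cli containers, because NetBox's Allowed IPs check is part of what you are testing: a 403 on the read from the wrong source address is the restriction working, not a broken token. EVE-NG is session based (the user logs in with a password) and is not covered by this probe.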
4. Network Isolation

On the server where h-cli's containers run, restrict outbound access to the systems h-cli needs. Host firewall rules such as the UFW set below govern the host's own traffic; containers on a Docker bridge network are forwarded, and Docker accepts that traffic before UFW's chains see it, so either run the container with host networking or filter in Docker's DOCKER-USER chain as well.

UFW (Ubuntu Firewall) — on the server running h-cli containers
# Default deny outgoing for the host. ufw has no per-user rules: this is the
# OUTPUT chain, so it covers host processes (and a container started with
# --network host) but not containers on a Docker bridge, whose forwarded
# traffic Docker accepts before ufw's chains run
sudo ufw default deny outgoing
# Allow only what h-cli needs (proto tcp: without it ufw opens udp as well)
sudo ufw allow out to 10.0.0.0/8 port 22 proto tcp   # SSH to network devices
sudo ufw allow out to 10.0.0.0/8 port 830 proto tcp  # NETCONF
sudo ufw allow out to 10.0.0.0/8 port 443 proto tcp  # eAPI / HTTPS APIs
sudo ufw allow out to 10.0.10.5 port 8080 proto tcp  # NetBox
sudo ufw allow out to 10.0.10.6 port 3000 proto tcp  # Grafana
# DNS (required): name your resolvers rather than "any" (example address)
sudo ufw allow out to 10.0.10.2 port 53  # DNS resolution, tcp and udp
# Online mode only — allow access to the AI provider. "to any port 443"
# reopens HTTPS to the whole internet and makes the 10.0.0.0/8 rule above
# redundant; an egress proxy that forwards only to the provider's hostname,
# with this rule pointing at the proxy instead, keeps the allowlist tight
sudo ufw allow out to any port 443 proto tcp  # Claude API / LLM provider
# Remove the line above if running fully offline with Ollama/vLLM
sudo ufw enable

h-cli is the AI interface, not the security boundary.

Deploy it like any monitoring tool: read-only credentials, scoped access, restricted source IPs. The Asimov Firewall adds safety — your network controls enforce it.
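Because UFW's outgoing policy lives in the host's OUTPUT chain, it never sees traffic from containers on a Docker bridge: that traffic is forwarded, and Docker's own FORWARD rules accept it ahead of UFW's chains. Docker's supported hook for this is the DOCKER-USER chain, which it consults before its own rules and leaves to the administrator. The script below, an added example for this guide and not h-cli's code, renders the same allowlist as the UFW block into DOCKER-USER rules. The bridge name docker0 (a compose project gets its own bridge, usually br-<network id>) and the resolver address 10.0.10.2 are assumptions to adjust.

```shell
#!/bin/sh
# Outbound allowlist for the h-cli containers, enforced in Docker's
# DOCKER-USER chain. Added example for this guide, not h-cli's own code.
# Assumes the containers sit on the bridge passed as the first argument
# (docker0 by default; a compose network uses its own bridge, br-<id>).
set -eu

# Prints the iptables commands in order; nothing is applied until the output
# is piped to a shell. Arguments: BRIDGE, then "dst:proto:port" entries,
# where proto "any" expands to tcp and udp.
render_docker_user_rules() {
  bridge=$1; shift
  printf '%s\n' "iptables -F DOCKER-USER"
  # Packets of connections that were already allowed (for example the answers
  # a container sends on a published port) never match a --dport rule below.
  printf '%s\n' "iptables -A DOCKER-USER -i $bridge -m conntrack --ctstate ESTABLISHED,RELATED -j RETURN"
  for entry in "$@"; do
    dst=${entry%%:*}; rest=${entry#*:}; proto=${rest%%:*}; port=${rest#*:}
    case $port in ''|*[!0-9]*) printf 'bad entry (want dst:proto:port): %s\n' "$entry" >&2; return 1 ;; esac
    case $proto in
      any)     protos="tcp udp" ;;
      tcp|udp) protos=$proto ;;
      *)       printf 'bad proto in %s\n' "$entry" >&2; return 1 ;;
    esac
    for p in $protos; do
      printf '%s\n' "iptables -A DOCKER-USER -i $bridge -d $dst -p $p --dport $port -j RETURN"
    done
  done
  # Anything else leaving the bridge: log (rate-limited) and drop.
  printf '%s\n' "iptables -A DOCKER-USER -i $bridge -m limit --limit 5/min -j LOG --log-prefix \"hcli-egress-drop: \""
  printf '%s\n' "iptables -A DOCKER-USER -i $bridge -j DROP"
  # Traffic in the other direction is left to Docker's own FORWARD rules.
  printf '%s\n' "iptables -A DOCKER-USER -j RETURN"
}

# Review the output first, then apply as root. iptables rules do not survive
# a reboot: re-run this after docker.service starts (a oneshot systemd unit
# with After=docker.service is the usual place).
apply_docker_user_rules() { render_docker_user_rules "$@" | sudo sh -e; }

# Same allowlist as the UFW block, plus the resolver for DNS (assumed address):
#   render_docker_user_rules docker0 10.0.0.0/8:tcp:22 10.0.0.0/8:tcp:830 \
#     10.0.0.0/8:tcp:443 10.0.10.5:tcp:8080 10.0.10.6:tcp:3000 10.0.10.2:any:53
```

Note that the flush at the top discards anything else that was in DOCKER-USER, so merge with existing rules if other services use the chain. The online-mode hole is the same as with UFW: if the LLM provider is reached directly, an entry for it widens this list to arbitrary HTTPS destinations, which is why an egress proxy with a fixed address is the better shape.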

5. Put It All Together

Store your credentials in an environment file with restricted permissions, owned by the account that runs h-cli. Never commit it to git: add its path to .gitignore. The private key named in HSSH_KEY needs the same treatment (mode 600, same owner).

Built-in credential scrambler

h-cli includes a credential scrambler that replaces all sensitive values with variable names before they reach the LLM. The AI never sees your actual passwords, tokens, or keys; it only works with references like $NETBOX_TOKEN and $HSSH_KEY. The real values are injected at execution time, outside the LLM context. The scrambler can only recognise values it has been given, so keep every secret in this file: a credential that arrives by another route (for example one embedded in a device's configuration output) goes to the model as it is.

/opt/h-cli/.env
# Network device credentials
HSSH_USER=hcli
HSSH_KEY=/home/hcli/.ssh/id_hcli
# NetBox (read-only)
NETBOX_URL=https://netbox.internal.example.com
NETBOX_TOKEN=your-read-only-token
# Grafana (viewer)
GRAFANA_URL=https://grafana.internal.example.com
GRAFANA_TOKEN=your-viewer-token
# EVE-NG (user, not admin)
EVENG_URL=https://eve-ng.internal.example.com
EVENG_USER=hcli
EVENG_PASS=your-secure-password
Lock it down
chmod 600 /opt/h-cli/.env
chown hcli:hcli /opt/h-cli/.env
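The scrambler described above is easiest to understand as a pair of inverse substitutions with a fail-closed check between them. Here is that mechanism in shell and awk, written for this guide as an illustration and not h-cli's implementation: it reads an env file in the format above, masks values longest-first (so a token that contains another token is masked whole), restores only names it knows, and refuses text that still carries a real value. The eight-character minimum for a value to count as a secret, and the sample values in the test, are assumptions.

```shell
#!/bin/sh
# The scrambling idea in plain shell and awk. Added illustration for this
# guide, not h-cli's implementation. Values from the env file are swapped for
# "$NAME" before text goes anywhere near a model; the real values go back only
# into the command line that is about to run. Each function reads the text on
# stdin and takes the env file as its argument.
set -eu

# Assumption: values shorter than this are not credentials (a port number or
# a short username would otherwise get masked wherever it appears).
MIN_SECRET_LEN=${MIN_SECRET_LEN:-8}

# One awk program, three modes: scramble, unscramble, check.
hcli_scrub() { # MODE ENVFILE
  awk -v mode="$1" -v envfile="$2" -v minlen="$MIN_SECRET_LEN" '
    # literal (not regex) replacement of every occurrence of from by to
    function replace_all(s, from, to,    out, p) {
      out = ""
      while ((p = index(s, from)) > 0) {
        out = out substr(s, 1, p - 1) to
        s = substr(s, p + length(from))
      }
      return out s
    }
    BEGIN {
      n = 0; leaked = 0
      while ((getline line < envfile) > 0) {
        if (line ~ /^[ \t]*(#|$)/) continue          # comment or blank
        eq = index(line, "="); if (eq == 0) continue
        key = substr(line, 1, eq - 1); val = substr(line, eq + 1)
        if (val ~ /^".*"$/) val = substr(val, 2, length(val) - 2)
        if (key !~ /^[A-Za-z_][A-Za-z0-9_]*$/ || length(val) < minlen) continue
        n++; keys[n] = key; vals[n] = val; byname[key] = val
      }
      close(envfile)
      # longest value first, so a value that contains another is masked whole
      for (i = 2; i <= n; i++) {
        k = keys[i]; v = vals[i]
        for (j = i - 1; j > 0 && length(vals[j]) < length(v); j--) {
          keys[j + 1] = keys[j]; vals[j + 1] = vals[j]
        }
        keys[j + 1] = k; vals[j + 1] = v
      }
    }
    mode == "scramble" {
      for (i = 1; i <= n; i++) $0 = replace_all($0, vals[i], "$" keys[i])
      print
    }
    mode == "unscramble" {
      out = ""
      while (match($0, /\$[A-Za-z_][A-Za-z0-9_]*/)) {
        name = substr($0, RSTART + 1, RLENGTH - 1)
        ref = substr($0, RSTART, RLENGTH)
        out = out substr($0, 1, RSTART - 1) ((name in byname) ? byname[name] : ref)
        $0 = substr($0, RSTART + RLENGTH)
      }
      print out $0
    }
    mode == "check" {
      for (i = 1; i <= n; i++) if (index($0, vals[i]) > 0) leaked = 1
    }
    END { if (mode == "check") exit leaked }
  '
}

# Text for the model: secrets become $NAME references.
scramble()        { hcli_scrub scramble "$1"; }
# Command about to execute: known references become real values again.
unscramble()      { hcli_scrub unscramble "$1"; }
# Fail-closed gate: exit status 1 if any real value is still in the text.
assert_scrubbed() { hcli_scrub check "$1"; }
```

The shape of the pipeline matters more than the code: `masked=$(printf '%s' "$prompt" | scramble /opt/h-cli/.env)` produces what the model may see, `printf '%s' "$masked" | assert_scrubbed /opt/h-cli/.env` must succeed before anything is sent, and `unscramble` runs on the model's proposed command immediately before execution, with its output never written to a log. A reference the model invents, such as $UNKNOWN, is left untouched rather than expanded, so a hallucinated variable cannot pull in a value.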

Security Checklist

Dedicated unprivileged user
Dedicated SSH key pair
Read-only device credentials
Scoped API tokens (no write)
Network firewall rules (no internet)
Env file with 600 permissions
Asimov Firewall (4 x 4 rules)
44 container hardening items

Ready to Try?

h-cli is free and open source. Set up in minutes, start querying your infrastructure immediately.