System Security

System security of the host is obviously of paramount importance, as a compromise of that allows the compromise of each guest - running or not.

Security Notes

The host system is only running two services which are externally visible:

openssh

openssh is open to the world, such that you may connect to the km-shell. To increase security the service will only accept key-based authentication.

The fingerprint of the host machine is:

e7:57:e1:cb:a5:39:3c:77:80:74:0a:69:c1:94:02:50.
rsync

rsync is running upon the host, but firewalled such that it may only be accessed from the IP address of the guests.

(rsync is running such that you may upload/download an external kernel for your machine to boot. See the documentation for further details.)