Secure Your Hermes Agent Server — Best Practices
Harden your Hermes Agent deployment with firewall rules, SSH keys, approval workflows, and best practices.
An exposed Hermes agent is a serious security risk — it has shell access, your API keys, and memory of your conversations. Five minutes of hardening prevents the most common attack vectors.
Before you start:
- ☑ Hermes Agent deployed on a VPS or server
- ☑ SSH access to the server
- ☑ Basic familiarity with ufw and SSH config
Steps
1. Use SSH keys only: disable password auth in /etc/ssh/sshd_config and use SSH key pairs.
2. Configure firewall: use ufw to allow only SSH (22) and any webhook ports Hermes needs.
3. Enable Tirith approvals: set tirith: enabled: true so dangerous commands require your approval.
4. Restrict allowed contacts: whitelist specific user IDs in each channel config to prevent unauthorized access.
5. Keep Hermes updated: run hermes update regularly to get security patches.
6. Use environment variables: store API keys in .env files instead of config.yaml, and never commit secrets to git.
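The "SSH keys only" step above, as an added example that is not part of the Hermes documentation: a small POSIX shell script that rewrites an sshd_config file so password authentication is off and key authentication is on, plus an audit function that reports whether the file is already hardened. It takes the file path as an argument (assumed usage, so you can rehearse on a copy before touching /etc/ssh/sshd_config), and the sample config in the test is constructed.

```shell
#!/bin/sh
# Added example (not Hermes project code): harden and audit an sshd_config.
set -eu

# Directives the "SSH keys only" step needs, in "Directive value" form.
SSH_HARDENING="PasswordAuthentication no
PubkeyAuthentication yes
ChallengeResponseAuthentication no
PermitRootLogin prohibit-password"

# harden_sshd_config FILE
# sshd uses the first value it sees for a directive, and lines after a
# "Match" block belong to that block, so the hardened directives are placed
# at the top of the file. Any existing occurrence (active, commented, or
# inside a Match block) is removed so nothing can re-enable password auth.
harden_sshd_config() {
    file="$1"
    rest="$file.rest.$$"
    cp "$file" "$rest"
    printf '%s\n' "$SSH_HARDENING" | while read -r key value; do
        grep -v -i -E "^[[:space:]]*#?[[:space:]]*$key[[:space:]]" "$rest" \
            > "$rest.n" || true
        mv "$rest.n" "$rest"
    done
    { printf '%s\n' "$SSH_HARDENING"; cat "$rest"; } > "$file"
    rm -f "$rest"
}

# audit_sshd_config FILE
# Returns 0 when the effective (first uncommented) value of every directive
# matches the hardened value, 1 otherwise, naming the first mismatch.
audit_sshd_config() {
    file="$1"
    printf '%s\n' "$SSH_HARDENING" | while read -r key value; do
        effective=$(grep -i -E "^[[:space:]]*$key[[:space:]]" "$file" \
            | head -n 1 | awk '{print $2}')
        [ "$effective" = "$value" ] || {
            echo "FAIL: $key is '${effective:-unset}', want '$value'" >&2
            exit 1
        }
    done
}
```

On a real host, run `sshd -t` after editing and keep an existing SSH session open while you restart sshd, so a mistake cannot lock you out.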
Pro Tips
- 💡 The single most impactful step: set 'allowed_user_ids' for every connected channel. Without this, anyone who discovers your bot can interact with your agent.
- 💡 Store API keys in a .env file and reference them in config.yaml. Never commit config.yaml to git if it contains secrets.
- 💡 Enable Tirith approvals for shell commands. This gives you a human-in-the-loop safety net for dangerous operations.
Troubleshooting
❌ Unknown users are messaging the Hermes Telegram bot
✅ Add 'telegram: allowedUserIds: [YOUR_USER_ID]' to config.yaml immediately. Get your user ID from @userinfobot on Telegram. Restart Hermes to apply.
❌ API keys showing up in logs
✅ Set 'logging: redactSecrets: true' in config.yaml. Also ensure your log files are not world-readable: 'chmod 600 ~/.hermes/logs/*.log'.
❌ Firewall blocking legitimate webhook traffic
✅ If you are using strict firewall rules, allow Telegram's IP ranges, or switch to polling mode, which needs no inbound connections.