SECURITY • OpenClaw quick fix
Featured: @techSage

Tailscale-exposed gateway? Do not leave `auth=none`.

A recent OpenClaw field signal pointed at an upstream gateway-hardening commit that rejects Tailscale-exposed gateways when auth is disabled. Treat that as an operator rule even before you run a build that carries the guard: if a gateway is reachable from another device, teammate, tunnel, or shared network, `auth=none` is not a safe steady state. Snapshot first, switch to token- or TLS-backed access, and smoke-test from the network path your agents actually use, not only from localhost.

In simple words: make a safe copy before any step that could change your setup, try the smallest check first, then confirm OpenClaw is back to normal before doing more. The source link and commands stay below for people who want the technical detail.

Checklist
Inventory every OpenClaw gateway bind address, tunnel, Tailscale hostname, reverse proxy, and shared host where another machine could reach the gateway.
Exposure review before changing auth
- Is the gateway bound only to localhost, or reachable on a Tailscale/shared-network address?
- Is any tunnel, reverse proxy, firewall rule, or container port publishing the gateway?
- Is auth explicitly token- or TLS-backed, or effectively disabled as `auth=none`?
- Which agent profile or CLI command must still work after auth is tightened?
If the gateway is reachable over Tailscale or any shared network, remove `auth=none` before resuming unattended agent work; do not count VPN membership as gateway authentication.
Create a verified backup or rollback note before changing gateway auth, tokens, TLS, service files, or remote-agent config.
Restart the gateway with your normal supervisor and confirm that unauthenticated requests fail while the intended CLI/agent profile still connects.
Smoke-test expectation
# After switching away from auth=none and restarting:
# 1. An unauthenticated request from the reachable network path should fail.
# 2. Your intended CLI/agent profile should pass its normal gateway/auth probe.
# 3. Keep the previous config/backup label until one real agent run succeeds.
Record the new auth mode, token-rotation owner, exposed hostname, and smoke-test result so the next update does not silently reopen the no-auth path.
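The exposure review and the smoke test above, as an added example in Python (not OpenClaw's own code or config format): `review_exposure` applies the reachable-plus-`auth=none` rule to a config snapshot, and `smoke_test` runs steps 1 and 2 of the smoke-test expectation against a constructed token-checking stub gateway so the whole thing runs offline. The config keys (`bind`, `auth_mode`, `published`), the `/health` path, the `Authorization: Bearer` header and the stub server are assumptions standing in for the real gateway; point it at the real URL, token and path from your own deployment.

```python
"""Exposure audit and auth smoke test for a gateway that used to run auth=none.

Added example, not OpenClaw code. Config keys, the /health path and the
Bearer-token scheme are assumptions standing in for the real service.
"""
import ipaddress
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer


def is_reachable_bind(bind_host: str) -> bool:
    """True if a listener on bind_host could be hit from another machine.

    Only loopback stays local. 0.0.0.0, ::, LAN addresses, Tailscale CGNAT
    addresses (100.64.0.0/10) and hostnames (MagicDNS names) all count as reachable.
    """
    if bind_host == "localhost":
        return False
    try:
        return not ipaddress.ip_address(bind_host).is_loopback
    except ValueError:
        return True  # a hostname resolves off-box; treat it as reachable


def review_exposure(cfg: dict) -> list:
    """Apply the checklist rule to a config snapshot and return findings.

    cfg keys (assumed for this example): 'bind' (listen address), 'auth_mode'
    ('none', 'token', ...), 'published' (tunnels, reverse proxies, container -p,
    firewall holes that publish a loopback bind).
    """
    findings = []
    reachable = is_reachable_bind(cfg.get("bind", "127.0.0.1"))
    published = list(cfg.get("published", []))
    auth_none = cfg.get("auth_mode", "none") == "none"
    if published and not reachable:
        findings.append(f"INFO: loopback bind is still published via {', '.join(published)}")
    if (reachable or published) and auth_none:
        findings.append("FAIL: gateway reachable from another machine with auth=none; "
                        "VPN/Tailscale membership is not gateway authentication")
    elif auth_none:
        findings.append("WARN: auth=none is only acceptable while the bind stays loopback-only")
    else:
        findings.append(f"PASS: auth_mode={cfg['auth_mode']}; confirm with a smoke test "
                        "from the network path your agents use")
    return findings


class _StubGateway(BaseHTTPRequestHandler):
    """Constructed stand-in for a token-protected gateway (NOT OpenClaw's server)."""
    token = "example-token"  # assumption: rotate/replace with the real token

    def do_GET(self):
        if self.headers.get("Authorization") == f"Bearer {self.token}":
            status, body = 200, b'{"status":"ok"}'
        else:
            status, body = 401, b'{"error":"unauthorized"}'
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the example quiet
        pass


def start_stub_gateway():
    """Start the stub on an ephemeral loopback port; returns (server, base_url)."""
    srv = HTTPServer(("127.0.0.1", 0), _StubGateway)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_address[1]}"


def _status(base_url: str, token: str = None) -> int:
    """GET base_url/health (assumed probe path) and return the HTTP status code."""
    req = urllib.request.Request(base_url + "/health")
    if token:
        req.add_header("Authorization", f"Bearer {token}")
    try:
        with urllib.request.urlopen(req, timeout=5) as resp:
            return resp.getcode()
    except urllib.error.HTTPError as err:
        return err.code


def smoke_test(base_url: str, token: str) -> dict:
    """Steps 1 and 2 of the smoke-test expectation: no token must fail, token must pass."""
    unauth = _status(base_url)
    auth = _status(base_url, token)
    return {"unauth_rejected": unauth in (401, 403), "auth_ok": auth == 200,
            "unauth_status": unauth, "auth_status": auth}


if __name__ == "__main__":
    # Constructed snapshot: a Tailscale-addressed bind that still has auth disabled.
    before = {"bind": "100.101.102.103", "auth_mode": "none", "published": []}
    after = dict(before, auth_mode="token")
    for label, cfg in (("before", before), ("after", after)):
        print(label, review_exposure(cfg))
    srv, url = start_stub_gateway()
    print("smoke", smoke_test(url, _StubGateway.token))
    srv.shutdown()
```

Run the review against a snapshot of every gateway you inventoried, then run the smoke test from the machine that used to reach the gateway without a token; a `FAIL` finding or a smoke test where `unauth_rejected` is false means the no-auth path is still open and the rollback label should stay in place.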
Success looks like
No Tailscale, tunnel, reverse-proxy, container-published, or shared-network gateway is running with `auth=none`.
Unauthenticated requests fail from the network path that used to reach the gateway, while the intended operator/agent path still works.
The auth change has a dated rollback note and token owner instead of being a one-off config edit.

Source: GitHub commit + X field signal · link