Tag / server

  • February 23, 2016 - Tom Hacohen

    Running letsencrypt as an Unprivileged User

    Running letsencrypt as an unprivileged user (non-root) is surprisingly easy, and even more surprisingly undocumented. There is no mention in the official documentation, nor was I able to find anything online. There are alternative clients that were designed to be run as unprivileged, but they are not as beginner-friendly as the official one. Personally, I’ve switched to acme-tiny (and created an AUR package for it). Its much smaller and lets me have an even more secure setup. Why would you want to bother with this? One word: security. You should always strive to run every process with the lowest privileges possible because this reduces the chances of data loss as a result of a bug. More importantly, this reduces the chances of your server being compromised and thus improves overall security. Summary In this tutorial we will setup letsencrypt to run as an unprivileged user using the webroot plugin. This […]

    Read More