Setup Information

Who is this guide for?

This guide is designed for EarthNode Operators looking to set up their EarthNode server. Whether you're new to decentralized telecom or experienced in blockchain technology, this guide will help you get started quickly and efficiently.

What is in this guide?

Discover best practices for setting up, securing, and maintaining your EarthNode server. Learn how to ensure optimal performance and contribute effectively to the decentralized World Mobile network.

What are the requirements?

- Owning an ENNFT (EarthNode Non-Fungible Token) - Machine requirements (details coming soon)

Prerequisites

Operational Requirements

  • Understand how to set up, operate, and maintain your Earth Node properly.

  • Ensure your Earth Node runs continuously.

Technical Skills

  • Automate tasks with bash scripting & cron jobs.

  • Manage services with Systemd.

  • Understand networking basics, including firewalls and connections.

  • Monitor systems efficiently.

  • Enhance server security.

Minimum Hardware Requirements (TBC)

  • Server: 1-2 CPU cores, 4GB RAM, 64-bit Linux OS, 100GB+ storage.

  • Air-gapped offline machine for secure tasks.

  • Stable broadband.

  • Reliable power supply.

  • Earth Node NFT in your wallet.

Initial Setup

Before we start, we recommend you to:

Step 1.1: SSH to Your Server as Root

1.1 Connect to Your Server

Use the SSH command below to log in to your server with the root user. Replace server.public.ip.address with your server's public IP address.

ssh [email protected]
# Example:
ssh [email protected]
Enter your password

Output Example

After running the command, your terminal should look like this:

root@vps:~# ssh [email protected]

The authenticity of host '77.22.161.10 (77.22.161.10)' can't be established.

ED25519 key fingerprint is SHA256:xXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxX.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '77.22.161.10' (ED25519) to the list of known hosts.

[email protected]'s password: ********

Welcome to Ubuntu 20.04.6 LTS (GNU/Linux 5.4.0-144-generic x86_64)

* Documentation: https://help.ubuntu.com

* Management: https://landscape.canonical.com

* Support: https://ubuntu.com/advantage

Last login: Sun Jan 11 14:45:22 2025 from 192.168.1.5

root@vps:~#

What Does the Warning Mean?

When connecting to a server for the first time, SSH verifies the authenticity of the server by asking if you want to continue connecting. This step ensures that you're not unintentionally connecting to an untrusted or malicious server. By entering yes, SSH saves the server's public key to your local machine in the ~/.ssh/known_hosts file. The warning message confirms that the server has been added to this file, preventing the same question on future connections unless the server's key changes.

Step 1.2: Create a New User

Commands

Run the following commands to create a new user and grant them administrative privileges:

sudo useradd -m -s /bin/bash eno
sudo passwd eno
sudo usermod -aG sudo eno

Output Example

Below is an example of what the terminal output looks like after creating and configuring the user:

root@vps:~# sudo useradd -m -s /bin/bash eno

root@vps:~# sudo passwd eno

Enter new UNIX password:

Retype new UNIX password:

passwd: password updated successfully

root@vps:~# sudo usermod -aG sudo eno

User 'eno' has been successfully created and added to the sudo group.

Step 1.4: Disable Shell Command History

Commands

Run the following commands to prevent shell history from storing commands system-wide:

echo 'export HISTFILE=/dev/null' | sudo tee -a /etc/profile /etc/bash.bashrc
echo 'export HISTSIZE=0' | sudo tee -a /etc/profile /etc/bash.bashrc
echo 'export HISTFILESIZE=0' | sudo tee -a /etc/profile /etc/bash.bashrc
echo 'set +o history' | sudo tee -a /etc/profile /etc/bash.bashrc
echo -e '#!/bin/bash
history -c && history -w' | sudo tee /etc/bash.bash_logout > /dev/null
sudo chmod +x /etc/bash.bash_logout
while IFS=: read -r username _ uid _ home _; do
  if [ "$uid" -ge 1000 ] && [ -d "$home" ]; then
    echo 'export HISTFILE=/dev/null' | sudo tee -a "$home/.bashrc" "$home/.profile";
    echo 'export HISTSIZE=0' | sudo tee -a "$home/.bashrc" "$home/.profile";
    echo 'export HISTFILESIZE=0' | sudo tee -a "$home/.bashrc" "$home/.profile";
    echo 'set +o history' | sudo tee -a "$home/.bashrc" "$home/.profile";
    echo -e '#!/bin/bash
history -c && history -w' | sudo tee "$home/.bash_logout" > /dev/null;
    sudo chmod +x "$home/.bash_logout";
  fi
done < <(getent passwd)
history -c && history -w

Output Example

After running the commands, your terminal should display the following:

export HISTFILE=/dev/null

export HISTSIZE=0

export HISTFILESIZE=0

set +o history

history -c && history -w

Step 1.3: Deactivate the Root Account

Command

Run the following command to disable the root account and prevent direct login:

sudo passwd -l root

Output Example

Below is an example of the terminal output after disabling the root account:

root@vps:~# sudo passwd -l root

passwd: password expiry information changed.

Root account has been successfully disabled.

Step 1.4: Set the Hostname

Steps

Follow these steps to set the hostname:

sudo nano /etc/hostname
# Replace content with: EN123
# To save and exit Nano:
# Press Ctrl+O, Enter to save the file.
# Then press Ctrl+X to exit Nano.
sudo nano /etc/hosts
127.0.0.1    localhost
127.0.1.1     EN123  -- update this value
# To save and exit Nano:
# Press Ctrl+O, Enter to save the file.
# Then press Ctrl+X to exit Nano.
sudo hostnamectl set-hostname EN123 --static --pretty --transient
ping EN123

Output Example

root@vps:~# sudo nano /etc/hostname

root@vps:~# sudo nano /etc/hosts

127.0.0.1 localhost

127.0.1.1 EN123

root@vps:~# sudo hostnamectl set-hostname EN123 --static --pretty --transient

root@vps:~# ping EN123

PING EN123 (192.168.1.100) 56(84) bytes of data.

64 bytes from EN123 (192.168.1.100): icmp_seq=1 ttl=64 time=0.045 ms

Step 1.5: Update the System

Commands

Run the following commands to update the system:

sudo apt-get update -y && sudo apt-get upgrade -y
sudo apt-get autoremove
sudo apt-get autoclean

Output Example

root@vps:~# sudo apt-get update -y && sudo apt-get upgrade -y

Reading package lists... Done

Building dependency tree... Done

Calculating upgrade... Done

The following packages will be upgraded:

package1 package2 package3

1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

Need to get 10.2 MB of archives.

After this operation, 12.3 MB of additional disk space will be used.

Do you want to continue? [Y/n] Y

root@vps:~# sudo apt-get autoremove

Reading package lists... Done

Building dependency tree... Done

0 packages to remove.

root@vps:~# sudo apt-get autoclean

root@vps:~#

Step 1.6: Install and Configure Unattended-Upgrades

Commands

Run the following commands to install and configure unattended-upgrades:

# Install unattended-upgrades
sudo apt-get install unattended-upgrades -y
sudo dpkg-reconfigure -plow unattended-upgrades  # Say 'Yes' when prompted
# Configure Automatic Updates & Disable Auto Reboot
sudo tee /etc/apt/apt.conf.d/50unattended-upgrades << EOF
Unattended-Upgrade::Origins-Pattern {
    "o=Ubuntu,a=$(lsb_release -sc)-security";  # Apply security updates
    "o=Ubuntu,a=$(lsb_release -sc)-updates";   # Apply recommended updates
};
Unattended-Upgrade::Automatic-Reboot "false";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::SyslogEnable "true";
Unattended-Upgrade::Verbose "true";  # Enable logging of updates
EOF
# Enable and Start the Service
sudo systemctl enable unattended-upgrades
sudo systemctl start unattended-upgrades
# Schedule a Weekly Full System Upgrade (No Reboots)
sudo tee /etc/cron.weekly/system-upgrade << 'EOF'
#!/bin/bash
apt-get update && apt-get dist-upgrade -y && apt-get autoremove -y && apt-get autoclean -y
echo "System upgrade completed. Please check if a reboot is required: sudo cat /var/run/reboot-required"
EOF
sudo chmod +x /etc/cron.weekly/system-upgrade

Output Example

root@vps:~# sudo apt-get install unattended-upgrades -y

Reading package lists... Done

Building dependency tree... Done

The following NEW packages will be installed:

unattended-upgrades

0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.

Need to get 54.0 kB of archives.

After this operation, 238 kB of additional disk space will be used.

Do you want to continue? [Y/n] Y

root@vps:~# sudo dpkg-reconfigure -plow unattended-upgrades

Configuring unattended-upgrades

[Prompt: Enable automatic updates?]

Yes

root@vps:~# sudo tee /etc/apt/apt.conf.d/50unattended-upgrades << EOF

Unattended-Upgrade::Origins-Pattern {

"o=Ubuntu,a=$(lsb_release -sc)-security";

"o=Ubuntu,a=$(lsb_release -sc)-updates";

};

Unattended-Upgrade::Automatic-Reboot "false";

Unattended-Upgrade::Remove-Unused-Dependencies "true";

Unattended-Upgrade::SyslogEnable "true";

Unattended-Upgrade::Verbose "true";

EOF

root@vps:~# sudo systemctl enable unattended-upgrades

Created symlink /etc/systemd/system/multi-user.target.wants/unattended-upgrades.service → /lib/systemd/system/unattended-upgrades.service.

root@vps:~# sudo systemctl start unattended-upgrades

root@vps:~#

root@vps:~# sudo tee /etc/cron.weekly/system-upgrade << 'EOF'

#!/bin/bash

apt-get update && apt-get dist-upgrade -y && apt-get autoremove -y && apt-get autoclean -y

echo "System upgrade completed. Please check if a reboot is required: sudo cat /var/run/reboot-required"

EOF

root@vps:~# sudo chmod +x /etc/cron.weekly/system-upgrade

Step 2.2: Verify Tailscale Status

Command

Run the following command on your VPS to verify the Tailscale connection:

tailscale status

Output Example

Below is an example of what the terminal output should look like after running the command:

root@vps:~# tailscale status

100.64.0.1 EN123 linux idle

100.64.0.2 your_computer windows online

100.64.0.3 third-device android online

Tailscale is running successfully.

Your VPS is connected to the Tailscale network.

Admin Console

Open the Tailscale admin console in your browser to confirm that your VPS appears as part of your Tailscale network. Look for the device name and IP address listed in the output above.

Step 3: Hardening SSH Configuration

Commands

Run the following commands to apply the hardened SSH configuration to your server:

sudo tee /etc/ssh/sshd_config << EOF
# Core security
PermitRootLogin no
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
PermitEmptyPasswords no
# User restrictions
AllowUsers eno
PermitUserEnvironment no
PermitUserRC no
X11Forwarding no
PermitTTY yes
StrictModes yes
EOF
sudo systemctl restart sshd

Output Example

Below is an example of what the terminal output should look like after running the commands:

root@vps:~# sudo tee /etc/ssh/sshd_config << EOF

# Core security

PermitRootLogin no

PasswordAuthentication no

ChallengeResponseAuthentication no

UsePAM yes

PermitEmptyPasswords no

# User restrictions

AllowUsers eno

PermitUserEnvironment no

PermitUserRC no

X11Forwarding no

PermitTTY yes

StrictModes yes

EOF

root@vps:~# sudo systemctl restart sshd

root@vps:~#

Step 4.1: Setup UFW (Uncomplicated Firewall)

Commands

Run the following commands to configure and enable the firewall:

sudo ufw reset
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow in on tailscale0
sudo ufw enable

Output Example

Below is an example of the terminal output you should see after running the commands:

root@vps:~# sudo ufw reset

Resetting all rules to installed defaults. This may disrupt existing ssh connections.

Proceed with operation (y|n)? y

Backing up existing rules to /etc/ufw/user.rules.20250111_123456

root@vps:~# sudo ufw default deny incoming

Default incoming policy changed to 'deny'.

(Be sure to update your rules accordingly.)

root@vps:~# sudo ufw default allow outgoing

Default outgoing policy changed to 'allow'.

root@vps:~# sudo ufw allow in on tailscale0

Rule added

root@vps:~# sudo ufw enable

Command may disrupt existing ssh connections. Proceed with operation (y|n)? y

Firewall is active and enabled on system startup.

Step 4.2: Test and Verify SSH Configuration

Commands

Run the following commands to test and verify your SSH setup:

# Step 4.2.1: Test Tailscale SSH
ssh eno@EN123
# Step 4.2.2: Test Original SSH Method
ssh username@ip

Output Example

Here’s what you should see in your terminal:

Successful Tailscale Connection

local@machine:~$ ssh eno@EN123

Welcome to Ubuntu 20.04.6 LTS (GNU/Linux 5.4.0-144-generic x86_64)

* Documentation: https://help.ubuntu.com

* Management: https://landscape.canonical.com

* Support: https://ubuntu.com/advantage

Last login: Sun Jan 11 14:45:22 2025 from 100.64.0.1

eno@EN123:~$

Blocked Original SSH Connection

local@machine:~$ ssh username@ip

ssh: connect to host ip port 22: Connection timed out

No longer needed: SSH Key and PAM 2FA Access

Why You Don’t Need This with Tailscale

With Tailscale set up, the connection to your server is secured end-to-end using WireGuard encryption. Only authenticated devices in your Tailscale network can access the server. This eliminates the need for additional authentication steps like SSH keys or 2FA at the connection stage.

Tailscale ensures:

  • Device Authentication: Each device must be authenticated with your Tailscale account, acting as a secure gatekeeper.
  • Access Control: Tailscale’s ACLs (Access Control Lists) allow fine-grained control over who can access your server.
  • Encryption: All traffic between devices in your Tailscale network is encrypted using WireGuard, providing robust security without manual key management.

Conclusion

While SSH keys and PAM-based 2FA remain excellent tools for securing traditional servers, they are no longer necessary with Tailscale’s secure network setup. Tailscale simplifies server access without compromising on security, making these older methods an optional fallback for specific use cases.

4.3 Optional: Secure sudo with Two-Factor Authentication (2FA)

Commands

Follow these steps to set up 2FA for sudo:

# Step 1: Install Google Authenticator PAM Module
sudo apt install libpam-google-authenticator
# Step 2: Configure Google Authenticator for Your User Account
google-authenticator
# Step 3: Edit PAM Configuration for sudo
sudo nano /etc/pam.d/sudo
# Add the following line at the top of the file:
auth required pam_google_authenticator.so

Output Example

Here’s what you should see during setup:

eno@EN123:~$ sudo apt install libpam-google-authenticator

Reading package lists... Done

Building dependency tree... Done

The following NEW packages will be installed:

libpam-google-authenticator

0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.

Need to get 56.0 kB of archives.

After this operation, 156 kB of additional disk space will be used.

Do you want to continue? [Y/n] Y

eno@EN123:~$ google-authenticator

Do you want authentication tokens to be time-based (y/n) y

Your new secret key is: ABCDEFGHIJKLMNOPQRSTUVWXYZ

Your verification code is 123456

Your emergency scratch codes are:

12345678

23456789

34567890

eno@EN123:~$ sudo nano /etc/pam.d/sudo

auth required pam_google_authenticator.so

Step 4.4: System Control Settings

Commands

Run the following commands to configure and apply the system control settings:

sudo bash -c 'cat > /etc/sysctl.conf <<EOF
### NETWORK SECURITY ###
# IPv4 Settings
## TCP/IP SYN flood protection
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 4096
net.ipv4.tcp_synack_retries = 2
## Protection against spoofing attacks
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
## Disable IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
## Disable ICMP redirects
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.default.secure_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
## Ignore ICMP broadcasts (mitigate smurf attacks)
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
## Log martian packets
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.log_martians = 1
## TCP hardening
net.ipv4.tcp_rfc1337 = 1
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_max_tw_buckets = 2000000
net.ipv4.tcp_fin_timeout = 20
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 15
### IPv6 SECURITY ###
## Disable IPv6 if not needed (comment out if IPv6 is required)
# net.ipv6.conf.all.disable_ipv6 = 1
# net.ipv6.conf.default.disable_ipv6 = 1
# net.ipv6.conf.lo.disable_ipv6 = 1
## IPv6 security settings (if IPv6 is enabled)
net.ipv6.conf.all.accept_redirects = 0
net.ipv6.conf.default.accept_redirects = 0
net.ipv6.conf.all.accept_source_route = 0
net.ipv6.conf.default.accept_source_route = 0
### KERNEL SECURITY ###
## Memory protection
kernel.kptr_restrict = 2
kernel.dmesg_restrict = 1
kernel.perf_event_paranoid = 3
kernel.yama.ptrace_scope = 2
vm.mmap_min_addr = 65536
vm.mmap_rnd_bits = 32
vm.mmap_rnd_compat_bits = 16
## Core dumps
kernel.core_uses_pid = 1
fs.suid_dumpable = 0
## Address space layout randomization
kernel.randomize_va_space = 2
## File system hardening
fs.protected_fifos = 2
fs.protected_regular = 2
fs.protected_symlinks = 1
fs.protected_hardlinks = 1
## System panic settings (kernel should reboot after 60 seconds on panic)
kernel.panic = 60
kernel.panic_on_oops = 60
### SYSTEM PERFORMANCE ###
## Virtual memory settings
vm.swappiness = 0  # Prevent system from recreating swap partitions on reboot
vm.dirty_ratio = 20
vm.dirty_background_ratio = 5
## File system settings
fs.file-max = 1048576
fs.inotify.max_user_watches = 1048576
EOF'
# Apply the new sysctl settings
sudo sysctl -p

Output Example

Here’s what you should see after applying the new sysctl settings:

eno@EN123:~# sudo sysctl -p

net.ipv4.tcp_syncookies = 1

net.ipv4.tcp_max_syn_backlog = 4096

net.ipv4.tcp_synack_retries = 2

net.ipv4.conf.all.rp_filter = 1

net.ipv4.conf.default.rp_filter = 1

net.ipv4.conf.all.accept_source_route = 0

fs.file-max = 1048576

fs.inotify.max_user_watches = 1048576

Disable Core Dumps for Security

Core Dumps Commands

Run the following commands to disable core dumps system-wide and for systemd services:

# Disable core dumps system-wide
echo "* hard core 0" | sudo tee -a /etc/security/limits.conf
echo "* soft core 0" | sudo tee -a /etc/security/limits.conf
echo "fs.suid_dumpable = 0" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
# Apply to systemd services
sudo mkdir -p /etc/systemd/system.conf.d
sudo tee /etc/systemd/system.conf.d/nocoredump.conf << EOF
[Manager]
DefaultLimitCORE=0
EOF
sudo systemctl daemon-reexec

Core Dumps Output Example

eno@EN123:~# echo "* hard core 0" | sudo tee -a /etc/security/limits.conf

*(appended to /etc/security/limits.conf)*

eno@EN123:~# echo "* soft core 0" | sudo tee -a /etc/security/limits.conf

*(appended to /etc/security/limits.conf)*

eno@EN123:~# echo "fs.suid_dumpable = 0" | sudo tee -a /etc/sysctl.conf

*(appended to /etc/sysctl.conf)*

eno@EN123:~# sudo sysctl -p

fs.suid_dumpable = 0

...

eno@EN123:~# sudo mkdir -p /etc/systemd/system.conf.d

eno@EN123:~# sudo tee /etc/systemd/system.conf.d/nocoredump.conf << EOF

[Manager]

DefaultLimitCORE=0

EOF

eno@EN123:~# sudo systemctl daemon-reexec

Remove Swap Memory

Swap Removal Commands

Run the following commands to disable and remove all swap:

# Disable and remove all swap
sudo swapoff -a
sudo rm -f /swapfile
sudo sed -i '/swap/d' /etc/fstab
sudo systemctl daemon-reexec

Swap Removal Output Example

eno@EN123:~# sudo swapoff -a

eno@EN123:~# sudo rm -f /swapfile

eno@EN123:~# sudo sed -i '/swap/d' /etc/fstab

eno@EN123:~# sudo systemctl daemon-reexec

Step 4.6 Secure Shared Memory

Commands

Run the following commands to secure shared memory:

# Backup the current fstab file
sudo cp /etc/fstab /etc/fstab.backup
# Add secure shared memory configuration
sudo tee -a /etc/fstab << EOF
tmpfs   /run/shm    tmpfs   ro,noexec,nosuid    0 0
EOF

Output Example

Here’s what the terminal output should look like:

eno@EN123:~# sudo cp /etc/fstab /etc/fstab.backup

eno@EN123:~# sudo tee -a /etc/fstab << EOF

tmpfs /run/shm tmpfs ro,noexec,nosuid 0 0

EOF

eno@EN123:~#

Time Synchronization with Chrony

Commands

Run the following commands to install, configure, and verify Chrony:

# Install Chrony
sudo apt update
sudo apt install -y chrony
# Configure Chrony
sudo bash -c 'cat > /etc/chrony/chrony.conf <<EOF
# Pool of NTP servers
pool time.google.com       iburst minpoll 4 maxpoll 8 maxdelay 0.3 maxsources 3
pool time.cloudflare.com   iburst minpoll 4 maxpoll 8 maxdelay 0.3 maxsources 3
pool ntp.ubuntu.com        iburst minpoll 4 maxpoll 8 maxdelay 0.3 maxsources 3
# Authentication key file
keyfile /etc/chrony/chrony.keys
# Drift file for storing clock frequency variations
driftfile /var/lib/chrony/chrony.drift
# Log directory
logdir /var/log/chrony
# Rate limiting - prevent DDoS/abuse
ratelimit interval 3 burst 8
# Prevent large clock adjustments that could affect system stability
maxupdateskew 100.0
# Enable kernel RTC synchronization
rtcsync
# Step clock if offset is larger than 1 second for first 3 updates
makestep 1.0 3
# Serve time even if not synchronized
local stratum 10
EOF'
# Restart and enable Chrony
sudo systemctl restart chrony.service
sudo systemctl enable chrony.service
# Verify synchronization
chronyc tracking
chronyc sources -v

Output Example

Here’s what you should see after configuring Chrony:

eno@EN123:~# sudo apt update

...

eno@EN123:~# sudo apt install -y chrony

Setting up chrony (4.2-1ubuntu0.1)...

eno@EN123:~# sudo systemctl restart chrony.service

eno@EN123:~# sudo systemctl enable chrony.service

Synchronizing state of chrony.service with SysV service script with /lib/systemd/systemd-sysv-install.

Created symlink /etc/systemd/system/multi-user.target.wants/chrony.service → /lib/systemd/system/chrony.service.

eno@EN123:~# chronyc tracking

Reference ID : A.B.C.D (time.google.com)

Stratum : 2

Ref time (UTC) : Sun Jan 11 14:45:22 2025

System time : 0.000000012 seconds fast of NTP time

Last offset : -0.000012 seconds

RMS offset : 0.000007 seconds

eno@EN123:~# chronyc sources -v

MS Name/IP address Stratum Poll Reach LastRx Last sample

===============================================================================

^* time.google.com 1 6 377 3 -1us[ -10us] +/- 15ms

^+ time.cloudflare.com 2 6 377 8 +2us[ +2us] +/- 20ms

^+ ntp.ubuntu.com 2 6 377 7 +3us[ +3us] +/- 25ms

Join the EarthNode Club

EarthNode Discussions

Join the community to explore setup guides, operator discussions, and resources for running World Mobile EarthNodes.

EarthNode Setup Discussions

Join the community to discuss and improve the EarthNode setup process. Share best practices for secure setup and ongoing maintenance.

Join Discussions

EarthNode Chat

Connect live with EarthNode operators. Discuss network validation, share insights, and get real-time updates on the World Mobile ecosystem.

Join Live Chat