{"id":754,"date":"2025-07-12T14:43:17","date_gmt":"2025-07-12T12:43:17","guid":{"rendered":"https:\/\/blog.exterra-services.cz\/?p=754"},"modified":"2025-07-12T15:21:16","modified_gmt":"2025-07-12T13:21:16","slug":"hardening-proxmox-ve-hosta","status":"publish","type":"post","link":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/","title":{"rendered":"Hardening Proxmox VE hosta"},"content":{"rendered":"\n<p>Po nasazen\u00ed Proxmox VE hosta nen\u00ed nijak o\u0161et\u0159ena bezep\u010dnost z pohledu p\u0159\u00edstup\u016f ze s\u00edt\u011b ke slu\u017eb\u00e1m jako je SSH, spr\u00e1va PVE atd. Proxmox obsahuje <a href=\"https:\/\/pve.proxmox.com\/pve-docs\/chapter-pve-firewall.html\" target=\"_blank\" rel=\"noreferrer noopener\">firewall postaven\u00fd na tradi\u010dn\u00edch iptables<\/a>. Existuje ale mo\u017enost pou\u017e\u00edt modern\u011bj\u0161\u00ed a flexibiln\u011bj\u0161\u00ed <a href=\"https:\/\/pve.proxmox.com\/pve-docs\/chapter-pve-firewall.html#pve_firewall_nft\" target=\"_blank\" rel=\"noreferrer noopener\">nftables<\/a>. <\/p>\n\n\n\n<p>Nev\u00fdhodou nftables je, \u017ee nelze ud\u011blat &#8222;cluster wide&#8220; konfiguraci p\u0159es v\u0161echny uzly Proxmox clusteru a mus\u00edte konfiguraci ud\u011blat per host. Na druhou stranu, pokud ud\u011bl\u00e1te chybu, neostav\u00edte cel\u00fd cluster ale jen jedin\u00fd uzel.<\/p>\n\n\n\n<p>Za\u010d\u00edn\u00e1me. Nejprve v GUI zapn\u011bte pou\u017eit\u00ed firewallu a povolte nftables.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img fetchpriority=\"high\" decoding=\"async\" width=\"549\" height=\"624\" src=\"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png\" alt=\"\" class=\"wp-image-756\" srcset=\"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png 549w, https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2-264x300.png 264w\" sizes=\"(max-width: 549px) 100vw, 549px\" \/><\/figure>\n\n\n\n<p>Nyn\u00ed je t\u0159eba vytvo\u0159it konfigura\u010dn\u00ed soubory \/etc\/nftables.conf. Nadefinujme si skupinz IP adres a protokol\u016f, aby se konfigurace zjednodu\u0161ila.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>steppingstone_hosts (192.168.1.36, 192.168.1.28 ) &#8211; servery, z nich\u017e bude umo\u017en\u011bno p\u0159istupovat na PVE hosty pomoc\u00ed web gui (TCP(8006) nebo SSH (TCP\/22)<\/li>\n\n\n\n<li>pve_hosts (192.168.1.16, 192.168.1.17, 192.168.1.7) &#8211; PVE hosti v clusteru<\/li>\n\n\n\n<li>mgmt_hosts (192.168.1.19) &#8211; servery pro monitoring<\/li>\n<\/ul>\n\n\n\n<p>I slu\u017eby a porty sdru\u017e\u00edme do skupin. N\u00e1sleduje uk\u00e1zkov\u00fd \/etc\/nftables.conf, kter\u00fd omezuje komunikaci pro spr\u00e1vu pouze na opr\u00e1vn\u011bn\u00e9 stepping stone hosty. V\u00edce o nftables jsem psal <a href=\"https:\/\/blog.exterra-services.cz\/index.php\/2023\/01\/25\/centos-8-iptables-umiraji-at-ziji-nftables\/\" target=\"_blank\" rel=\"noreferrer noopener\">v tomto \u010dl\u00e1nku<\/a>.<\/p>\n\n\n\n<p>D\u00e1le omezujeme komunikaci mezi PVE hosty a pro monitoring (zde snmp) p\u0159\u00edstup z monitoring serveru. Abychom m\u011bli p\u0159ehled o p\u0159\u00edpadn\u00fdch pokusech o p\u0159\u00edstup ke spr\u00e1v\u011b, jsou vlo\u017eena dv\u011b pravidla loguj\u00edc\u00ed takov\u00e9 pokusy.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"># drop any existing nftables ruleset<br>flush ruleset<br><br># a common table for both IPv4 and IPv6<br>table inet filter {<br><br>        # protocols to allow<br>        set allowed_protocols {<br>                type inet_proto<br>                elements = { icmp, icmpv6 }<br>        }<br><br>        # interfaces to accept any traffic on<br>        set allowed_interfaces {<br>                type ifname<br>                elements = { \"lo\" }<br>        }<br><br>        # stepping stone hosts<br>        set steppingstone_hosts {<br>                type ipv4_addr<br>                elements = { 192.168.1.36, 192.168.1.28 }<br>        }<br><br>      # PVE hosts<br>        set pve_hosts {<br>                type ipv4_addr<br>                elements = { 192.168.1.16, 192.168.1.17, 192.168.1.7}<br>        }<br><br>        # monitoring hosts<br>        set mgmt_hosts {<br>                type ipv4_addr<br>                elements = { 192.168.1.19 }<br>        }<br><br>        # restricted services to allow<br>        set allowed_restricted_tcp_dports {<br>                type inet_service<br>\t flags interval<br>                elements = { ssh, 8006, 5900-5999, 3128 }<br>        }<br><br>        # pve internal communications<br>        set allowed_pve_tcp_dports {<br>                type inet_service<br>\t flags interval<br>              elements = { ssh, 8006, 3128, 5900-5999 }<br>        }<br><br>        set allowed_pve_udp_dports {<br>                type inet_service<br>\t flags interval<br>              elements = { 5404-54059 }<br>        }<br><br>        # mgmt udp services to allow<br>        set allowed_mgmt_udp_dports {<br>                type inet_service<br>                elements = { snmp }<br>        }<br><br>        # mgmt tcp services to allow<br>        set allowed_mgmt_tcp_dports {<br>               type inet_service<br>              elements = { nrpe }<br>        }<br><br>        # this chain gathers all accept conditions<br>        chain allow {<br>                ct state established,related accept<br><br>                meta l4proto @allowed_protocols accept<br>                iifname @allowed_interfaces accept<br>                tcp dport @allowed_restricted_tcp_dports ip saddr @steppingstone_hosts accept  <br>                tcp dport @allowed_pve_tcp_dports ip saddr @pve_hosts accept<br>                udp dport @allowed_pve_udp_dports ip saddr @pve_hosts accept <br>                udp dport @allowed_mgmt_udp_dports ip saddr @mgmt_hosts accept<br>                tcp dport @allowed_mgmt_tcp_dports ip saddr @mgmt_hosts accept<br>                tcp dport ssh log prefix \"[nftables] - Inboud SSH Connection Denied: \" counter drop<br>\t        tcp dport 8006 log prefix \"[nftables] - Inboud SSH Connection Denied: \" counter drop<br>                # log prefix \"[nftables] Inboud Connection Denied: \" counter drop<br>        }<br><br>        # base-chain for traffic to this host<br>        chain INPUT {<br>                type filter hook input priority filter + 20<br>                policy accept<br><br>                jump allow<br>                reject with icmpx type port-unreachable<br>        }<br>}<\/pre>\n\n\n\n<p>Aby logov\u00e1n\u00ed fungovalo, vytvo\u0159te soubor \/etc\/rsyslog.d\/nftables.conf.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">:msg, contains, \"[nftables]\" -\/var\/log\/nftables.log<br>&amp; stop <br><\/pre>\n\n\n\n<p>Ov\u011b\u0159te, \u017ee rsyslog daemon b\u011b\u017e\u00ed a p\u0159\u00edpadn\u011b jej aktivujte.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">systemctl status rsyslog<br>systemctl enable --now rsyslog<\/pre>\n\n\n\n<p>Pokud tato konfigurace bude na jednom hostu fungovat, m\u016f\u017eete ji nasadit na zb\u00fdvaj\u00edc\u00ed uzly clusteru.<\/p>\n\n\n\n<p>Samoz\u0159ejm\u011b tuto konfiguraci lze vylep\u0161it, ale po ilustraci snad posta\u010duje.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Po nasazen\u00ed Proxmox VE hosta nen\u00ed nijak o\u0161et\u0159ena bezep\u010dnost z pohledu p\u0159\u00edstup\u016f ze s\u00edt\u011b ke slu\u017eb\u00e1m jako je SSH, spr\u00e1va PVE atd. Proxmox obsahuje firewall postaven\u00fd na tradi\u010dn\u00edch iptables. Existuje ale mo\u017enost pou\u017e\u00edt modern\u011bj\u0161\u00ed a flexibiln\u011bj\u0161\u00ed nftables. Nev\u00fdhodou nftables je, \u017ee nelze ud\u011blat &#8222;cluster wide&#8220; konfiguraci p\u0159es v\u0161echny uzly Proxmox clusteru a mus\u00edte konfiguraci ud\u011blat [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[5],"tags":[],"class_list":["post-754","post","type-post","status-publish","format-standard","hentry","category-technologie","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hardening Proxmox VE hosta | Coffeespot<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/\" \/>\n<meta property=\"og:locale\" content=\"cs_CZ\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hardening Proxmox VE hosta | Coffeespot\" \/>\n<meta property=\"og:description\" content=\"Po nasazen\u00ed Proxmox VE hosta nen\u00ed nijak o\u0161et\u0159ena bezep\u010dnost z pohledu p\u0159\u00edstup\u016f ze s\u00edt\u011b ke slu\u017eb\u00e1m jako je SSH, spr\u00e1va PVE atd. Proxmox obsahuje firewall postaven\u00fd na tradi\u010dn\u00edch iptables. Existuje ale mo\u017enost pou\u017e\u00edt modern\u011bj\u0161\u00ed a flexibiln\u011bj\u0161\u00ed nftables. Nev\u00fdhodou nftables je, \u017ee nelze ud\u011blat &#8222;cluster wide&#8220; konfiguraci p\u0159es v\u0161echny uzly Proxmox clusteru a mus\u00edte konfiguraci ud\u011blat [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/\" \/>\n<meta property=\"og:site_name\" content=\"Coffeespot\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-12T12:43:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-12T13:21:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png\" \/>\n\t<meta property=\"og:image:width\" content=\"549\" \/>\n\t<meta property=\"og:image:height\" content=\"624\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Petr \u0160antr\u016f\u010dek\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Napsal(a)\" \/>\n\t<meta name=\"twitter:data1\" content=\"Petr \u0160antr\u016f\u010dek\" \/>\n\t<meta name=\"twitter:label2\" content=\"Odhadovan\u00e1 doba \u010dten\u00ed\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minuty\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/\"},\"author\":{\"name\":\"Petr \u0160antr\u016f\u010dek\",\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788\"},\"headline\":\"Hardening Proxmox VE hosta\",\"datePublished\":\"2025-07-12T12:43:17+00:00\",\"dateModified\":\"2025-07-12T13:21:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/\"},\"wordCount\":306,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788\"},\"image\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png\",\"articleSection\":[\"Technologie\"],\"inLanguage\":\"cs\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/\",\"url\":\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/\",\"name\":\"Hardening Proxmox VE hosta | Coffeespot\",\"isPartOf\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png\",\"datePublished\":\"2025-07-12T12:43:17+00:00\",\"dateModified\":\"2025-07-12T13:21:16+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#breadcrumb\"},\"inLanguage\":\"cs\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"cs\",\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#primaryimage\",\"url\":\"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png\",\"contentUrl\":\"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png\",\"width\":549,\"height\":624},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.exterra-services.cz\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hardening Proxmox VE hosta\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.exterra-services.cz\/#website\",\"url\":\"https:\/\/blog.exterra-services.cz\/\",\"name\":\"Coffeespot\",\"description\":\"novinky z IT sv\u011bta\",\"publisher\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.exterra-services.cz\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"cs\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788\",\"name\":\"Petr \u0160antr\u016f\u010dek\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"cs\",\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/154c38d0d2d25a88896d979541de331f6606987733e06f398d3552a6871e5b77?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/154c38d0d2d25a88896d979541de331f6606987733e06f398d3552a6871e5b77?s=96&d=mm&r=g\",\"caption\":\"Petr \u0160antr\u016f\u010dek\"},\"logo\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/image\/\"},\"sameAs\":[\"http:\/\/www.exterra-services.cz\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hardening Proxmox VE hosta | Coffeespot","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/","og_locale":"cs_CZ","og_type":"article","og_title":"Hardening Proxmox VE hosta | Coffeespot","og_description":"Po nasazen\u00ed Proxmox VE hosta nen\u00ed nijak o\u0161et\u0159ena bezep\u010dnost z pohledu p\u0159\u00edstup\u016f ze s\u00edt\u011b ke slu\u017eb\u00e1m jako je SSH, spr\u00e1va PVE atd. Proxmox obsahuje firewall postaven\u00fd na tradi\u010dn\u00edch iptables. Existuje ale mo\u017enost pou\u017e\u00edt modern\u011bj\u0161\u00ed a flexibiln\u011bj\u0161\u00ed nftables. Nev\u00fdhodou nftables je, \u017ee nelze ud\u011blat &#8222;cluster wide&#8220; konfiguraci p\u0159es v\u0161echny uzly Proxmox clusteru a mus\u00edte konfiguraci ud\u011blat [&hellip;]","og_url":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/","og_site_name":"Coffeespot","article_published_time":"2025-07-12T12:43:17+00:00","article_modified_time":"2025-07-12T13:21:16+00:00","og_image":[{"width":549,"height":624,"url":"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png","type":"image\/png"}],"author":"Petr \u0160antr\u016f\u010dek","twitter_card":"summary_large_image","twitter_misc":{"Napsal(a)":"Petr \u0160antr\u016f\u010dek","Odhadovan\u00e1 doba \u010dten\u00ed":"2 minuty"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#article","isPartOf":{"@id":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/"},"author":{"name":"Petr \u0160antr\u016f\u010dek","@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788"},"headline":"Hardening Proxmox VE hosta","datePublished":"2025-07-12T12:43:17+00:00","dateModified":"2025-07-12T13:21:16+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/"},"wordCount":306,"commentCount":0,"publisher":{"@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788"},"image":{"@id":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png","articleSection":["Technologie"],"inLanguage":"cs","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/","url":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/","name":"Hardening Proxmox VE hosta | Coffeespot","isPartOf":{"@id":"https:\/\/blog.exterra-services.cz\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#primaryimage"},"image":{"@id":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png","datePublished":"2025-07-12T12:43:17+00:00","dateModified":"2025-07-12T13:21:16+00:00","breadcrumb":{"@id":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#breadcrumb"},"inLanguage":"cs","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/"]}]},{"@type":"ImageObject","inLanguage":"cs","@id":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#primaryimage","url":"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png","contentUrl":"https:\/\/blog.exterra-services.cz\/wp-content\/uploads\/2025\/07\/image-2.png","width":549,"height":624},{"@type":"BreadcrumbList","@id":"https:\/\/blog.exterra-services.cz\/index.php\/2025\/07\/12\/hardening-proxmox-ve-hosta\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.exterra-services.cz\/"},{"@type":"ListItem","position":2,"name":"Hardening Proxmox VE hosta"}]},{"@type":"WebSite","@id":"https:\/\/blog.exterra-services.cz\/#website","url":"https:\/\/blog.exterra-services.cz\/","name":"Coffeespot","description":"novinky z IT sv\u011bta","publisher":{"@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.exterra-services.cz\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"cs"},{"@type":["Person","Organization"],"@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788","name":"Petr \u0160antr\u016f\u010dek","image":{"@type":"ImageObject","inLanguage":"cs","@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/154c38d0d2d25a88896d979541de331f6606987733e06f398d3552a6871e5b77?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/154c38d0d2d25a88896d979541de331f6606987733e06f398d3552a6871e5b77?s=96&d=mm&r=g","caption":"Petr \u0160antr\u016f\u010dek"},"logo":{"@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/image\/"},"sameAs":["http:\/\/www.exterra-services.cz"]}]}},"_links":{"self":[{"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/posts\/754","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/comments?post=754"}],"version-history":[{"count":6,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/posts\/754\/revisions"}],"predecessor-version":[{"id":761,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/posts\/754\/revisions\/761"}],"wp:attachment":[{"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/media?parent=754"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/categories?post=754"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/tags?post=754"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}