
Add note in kiloclaw image why gateway.controlUi.allowInsecureAuth=true #394

@St0rmz1


When a user asks the chat to run a security check, it reports a critical finding.

CRITICAL
gateway.control_ui.insecure_auth — Control UI allows insecure HTTP auth gateway.controlUi.allowInsecureAuth=true means token-only auth over plain HTTP, no device identity verification

Fix: disable it, or put it behind HTTPS (Tailscale Serve) or restrict to localhost

The allowInsecureAuth=true is required for the KiloClaw architecture. It doesn't mean "no auth" — it
means "skip OpenClaw's device pairing flow."

SECURITY-NOTES.md in the workspace (agent-visible)
Put a file in the default workspace that the agent reads during a security check. Since the healthcheck skill always runs, it'll encounter this naturally. I can create it now:

SECURITY-NOTES.md — Accepted Risks

gateway.control_ui.insecure_auth (ACCEPTED — by design)

gateway.controlUi.allowInsecureAuth=true is required for the KiloClaw multi-tenant architecture.

This is NOT "no auth." The real auth stack is:

  1. Browser → CF Worker (JWT validated per user)
  2. Worker → Fly machine over private network (fly-force-instance-id)
  3. Gateway authenticates via per-user HMAC OPENCLAW_GATEWAY_TOKEN

allowInsecureAuth=true only skips OpenClaw's interactive device-pairing flow,
which is impossible in a headless multi-tenant proxy setup.

Why the gateway port is not exposed: Port 18789 is only reachable via
Fly's private network, through the Worker proxy which enforces JWT auth.
Each user is isolated on their own Fly machine.

Risk: Accepted. Rationale: worker-layer JWT + per-machine gateway token
provide equivalent or stronger auth than device pairing for this topology.

Labels: documentation, enhancement, kilo-auto-fix, kilo-triaged