# Checklist | Confirming a healthy functional ETH staking node
## :fast\_forward: Quick steps guide
{% hint style="info" %}
The following steps align with our [mainnet guide](https://www.coincashew.com/spanish/coins/overview-eth/guide-or-how-to-setup-a-validator-on-eth2-mainnet). You may need to adjust file names and directory locations where appropriate. The core concepts remain the same.
{% endhint %}
### :rocket: Execution client Checklist
| Concern | Solution |
| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Execution client in sync | Ensure your node's block number matches the tip block of a public block explorer. Find your execution client block # with command journalctl -fu execution
Example log output:INFO \[12-06
|
| Ports open | Confirm ports are reachable with an external port checker such as
|
| Check execution client logs for errors | Use the command `journalctl -fu eth1` |
| Understand how to stop/start Execution client | sudo systemctl stop execution
sudo systemctl start execution
|
| Understand how to update my Execution client | Refer to [this quick guide](https://www.coincashew.com/spanish/coins/overview-eth/archived-guides/guide-or-how-to-setup-a-validator-on-eth2-testnet-prater-1/maintenance/updating-execution-client). |
| Reduce bandwidth usage | Refer to [the mainnet guide.](https://www.coincashew.com/spanish/coins/overview-eth/guide-or-how-to-setup-a-validator-on-eth2-mainnet/part-iii-tips/reducing-network-bandwidth-usage) |
| Execution client node redundancy | Refer to [the mainnet guide.](https://www.coincashew.com/spanish/coins/overview-eth/part-iii-tips/improving-validator-attestation-effectiveness#strategy-2-eth1-redundancy) |
### :dna: Consensus client Checklist
| Concern | Solution |
| ----------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Installed latest stable release | Refer to [how to update consensus client.](https://www.coincashew.com/spanish/coins/overview-eth/guide-or-how-to-setup-a-validator-on-eth2-mainnet/part-ii-maintenance/updating-consensus-client) |
| Beacon chain client can connect to Execution client | Check for a response with the command:curl -H "Content-Type: application/json" -X POST --data '{"jsonrpc":"2.0","method":"web3\_clientVersion","params":\[],"id":67}'
You should receive a response similar to:
{"jsonrpc":"2.0","id":67,"result":"Geth/v1.9.24-stable-cc05b050/linux-amd64/go1.15.5"}
|
| Beacon chain is sync'd to mainnet | Ensure your block number matches the slot# of a [public block explorer](https://beaconcha.in). Find your consensus client's beacon chain slot # with in logs with command `journalctl -fu beacon-chain` |
| Check consensus client's beacon chain logs for errors | Use the command `journalctl -fu consensus` |
| Ports open | Confirm ports are reachable with an external port checker such as
or .
Click here for Port # information.
|
| Understand how to stop/start consensus client | sudo systemctl stop consensus
sudo systemctl start consensus
|
| Understand how to update my consensus client | Refer to this quick guide. |
| Join Discord | Refer to [the mainnet guide](https://www.coincashew.com/spanish/coins/overview-eth/guide-or-how-to-setup-a-validator-on-eth2-mainnet/joining-the-community-on-discord-and-reddit) |
### :key2: Consensus Validator Client Checklist
| Concern | Solution |
| -------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Verify keystores are properly imported | Refer to the mainnet guide's section on importing keys. |
| Check validator logs for errors | Use the command `journalctl -fu validator` |
| Verify attestations are working | Check your validators pubkey against a [public block explorer.](https://beaconscan.com) |
| Verified my mnemonic phrase can be restored. | Refer to [the mainnet guide.](https://www.coincashew.com/spanish/coins/overview-eth/guide-or-how-to-setup-a-validator-on-eth2-mainnet/part-iii-tips/verifying-your-mnemonic-phrase) |
| Understand how to add more validators | Refer to this [quick guide.](https://www.coincashew.com/spanish/coins/overview-eth/guide-or-how-to-setup-a-validator-on-eth2-mainnet/part-iii-tips/adding-a-new-validator-to-an-existing-setup) |
| Know how to stop/start validator | sudo systemctl stop validator
sudo systemctl start validator
|
| Beacon-node redundancy | Refer to [the mainnet guide.](https://www.coincashew.com/spanish/coins/overview-eth/part-iii-tips/improving-validator-attestation-effectiveness#strategy-4-beacon-node-redundancy) |
### :bricks: Validator Node Security Checklist
| Concern | Solution |
| ------------------------------------------------ | ---------------------------------------------- |
| Secure the root account | Refer to the best security practices document. |
| Connect with SSH Keys Only | Refer to the best security practices document. |
| Harden SSH on a random port | Refer to the best security practices document. |
| Setup 2-FA for SSH (Optional) | Refer to the best security practices document. |
| Secure the Shared Memory | Refer to the best security practices document. |
| Setup a firewall | Refer to the best security practices document. |
| Setup port forwarding on my router | Refer to the best security practices document. |
| Setup intrusion-prevention monitoring | Refer to the best security practices document. |
| Whitelisted my local machine in the ufw firewall | Refer to the best security practices document. |
| Whitelisted my local machine in Fail2ban | Refer to the best security practices document. |
| Verify the listening ports | Refer to the best security practices document. |
### :vertical\_traffic\_light: Validator Node Maintenance and Best Practices Checklist
| Concern | Solution |
| -------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Enabled automatic OS patching | Refer to the best security practices document. |
| Setup chrony or other NTP time sync service | Refer to the mainnet guide. |
| Setup Prometheus and Grafana Monitoring/Alerts/Dashboard | Refer to the mainnet guide. |
| Understand how to handle a power outage | In case of power outage, you want your validator machine to restart as soon as power is available. In the BIOS settings, change the **Restore on AC / Power Loss** or **After Power Loss** setting to always on. Better yet, install an Uninterruptable Power Supply (UPS). |
| Understand how to migrate consensus clients | Refer to the mainnet guide. |
| Understand how to voluntary exit | Refer to the mainnet guide. |
| Used all available LVM disk space | Refer to the mainnet guide. |
| Understand important directory locations | Refer to the mainnet guide. |