From b7bd46fff8068612e3d2cb8307f43328d02913fa Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Wed, 7 Apr 2021 21:11:41 +0200 Subject: [PATCH] saving uncommitted changes in /etc prior to apt run --- .etckeeper | 2 +- resolv.conf | 8 +++++--- ssh/ssh_config | 2 +- ssh/sshd_config | 21 +++++++++++---------- 4 files changed, 18 insertions(+), 15 deletions(-) diff --git a/.etckeeper b/.etckeeper index 644a0ff..5f53c92 100755 --- a/.etckeeper +++ b/.etckeeper @@ -36,7 +36,7 @@ mkdir -p './tmpfiles.d' mkdir -p './udev/hwdb.d' maybe chmod 0755 '.' maybe chmod 0700 '.etckeeper' -maybe chmod 0644 '.gitignore' +maybe chmod 0600 '.gitignore' maybe chmod 0755 'NetworkManager' maybe chmod 0755 'NetworkManager/dispatcher.d' maybe chmod 0755 'NetworkManager/dispatcher.d/cloud-init-hook-network-manager' diff --git a/resolv.conf b/resolv.conf index 0af19f6..219dcad 100644 --- a/resolv.conf +++ b/resolv.conf @@ -1,3 +1,5 @@ -nameserver 213.133.98.98 -nameserver 213.133.99.99 -nameserver 213.133.100.100 +domain uhu-banane.de +search uhu-banane.de brehm-online.com brehm-berlin.de uhu-banane.net hennig-berlin.org +nameserver 213.133.98.98 +nameserver 213.133.99.99 +nameserver 213.133.100.100 diff --git a/ssh/ssh_config b/ssh/ssh_config index 2e1c960..bb47487 100644 --- a/ssh/ssh_config +++ b/ssh/ssh_config @@ -47,5 +47,5 @@ Host * # ProxyCommand ssh -q -W %h:%p gateway.example.com # RekeyLimit 1G 1h SendEnv LANG LC_* - HashKnownHosts yes + HashKnownHosts no GSSAPIAuthentication yes diff --git a/ssh/sshd_config b/ssh/sshd_config index e2f34f6..e3711a4 100644 --- a/ssh/sshd_config +++ b/ssh/sshd_config @@ -23,18 +23,18 @@ #RekeyLimit default none # Logging -#SyslogFacility AUTH -#LogLevel INFO +SyslogFacility AUTH +LogLevel INFO # Authentication: #LoginGraceTime 2m -PermitRootLogin yes -#StrictModes yes +PermitRootLogin without-password +StrictModes yes #MaxAuthTries 6 #MaxSessions 10 -#PubkeyAuthentication yes +PubkeyAuthentication yes # Expect .ssh/authorized_keys2 to be disregarded by default in future. #AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 @@ -54,7 +54,8 @@ PermitRootLogin yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes -#PermitEmptyPasswords no +PasswordAuthentication no +PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) @@ -83,16 +84,16 @@ ChallengeResponseAuthentication no # and ChallengeResponseAuthentication to 'no'. UsePAM yes -#AllowAgentForwarding yes -#AllowTcpForwarding yes +AllowAgentForwarding yes +AllowTcpForwarding yes #GatewayPorts no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes PrintMotd no -#PrintLastLog yes -#TCPKeepAlive yes +PrintLastLog yes +TCPKeepAlive yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 -- 2.39.5