saving uncommitted changes in /etc prior to apt run

diff --git a/.etckeeper b/.etckeeper
index 644a0ffc0d45a256a2ba5c77e88e427eadb1d3e1..5f53c9219d4b787f0d230c889843808483404656 100755 (executable)
--- a/.etckeeper
+++ b/.etckeeper
@@ -36,7 +36,7 @@ mkdir -p './tmpfiles.d'
 mkdir -p './udev/hwdb.d'
 maybe chmod 0755 '.'
 maybe chmod 0700 '.etckeeper'
-maybe chmod 0644 '.gitignore'
+maybe chmod 0600 '.gitignore'
 maybe chmod 0755 'NetworkManager'
 maybe chmod 0755 'NetworkManager/dispatcher.d'
 maybe chmod 0755 'NetworkManager/dispatcher.d/cloud-init-hook-network-manager'

diff --git a/resolv.conf b/resolv.conf
index 0af19f63591f55462597cdb5a71db85d6b1f2b10..219dcad228298259e92fb9b67202ffcb41aee908 100644 (file)
--- a/resolv.conf
+++ b/resolv.conf
@@ -1,3 +1,5 @@
-nameserver 213.133.98.98
-nameserver 213.133.99.99
-nameserver 213.133.100.100
+domain         uhu-banane.de
+search         uhu-banane.de brehm-online.com brehm-berlin.de uhu-banane.net hennig-berlin.org
+nameserver     213.133.98.98
+nameserver     213.133.99.99
+nameserver     213.133.100.100

diff --git a/ssh/ssh_config b/ssh/ssh_config
index 2e1c9604f6df5b45295e752aa258be3c28a56e66..bb4748787f2f342fca22dc63e9a855112c8e2b17 100644 (file)
--- a/ssh/ssh_config
+++ b/ssh/ssh_config
@@ -47,5 +47,5 @@ Host *
 #   ProxyCommand ssh -q -W %h:%p gateway.example.com
 #   RekeyLimit 1G 1h
     SendEnv LANG LC_*
-    HashKnownHosts yes
+    HashKnownHosts no
     GSSAPIAuthentication yes

diff --git a/ssh/sshd_config b/ssh/sshd_config
index e2f34f6b8a52301ba3078074a8500bbe88794e7b..e3711a42f44c699213a2deedc0ae540df8f7bc2b 100644 (file)
--- a/ssh/sshd_config
+++ b/ssh/sshd_config
@@ -23,18 +23,18 @@
 #RekeyLimit default none
 
 # Logging
-#SyslogFacility AUTH
-#LogLevel INFO
+SyslogFacility AUTH
+LogLevel INFO
 
 # Authentication:
 
 #LoginGraceTime 2m
-PermitRootLogin yes
-#StrictModes yes
+PermitRootLogin without-password
+StrictModes yes
 #MaxAuthTries 6
 #MaxSessions 10
 
-#PubkeyAuthentication yes
+PubkeyAuthentication yes
 
 # Expect .ssh/authorized_keys2 to be disregarded by default in future.
 #AuthorizedKeysFile    .ssh/authorized_keys .ssh/authorized_keys2
@@ -54,7 +54,8 @@ PermitRootLogin yes
 
 # To disable tunneled clear text passwords, change to no here!
 #PasswordAuthentication yes
-#PermitEmptyPasswords no
+PasswordAuthentication no
+PermitEmptyPasswords no
 
 # Change to yes to enable challenge-response passwords (beware issues with
 # some PAM modules and threads)
@@ -83,16 +84,16 @@ ChallengeResponseAuthentication no
 # and ChallengeResponseAuthentication to 'no'.
 UsePAM yes
 
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
+AllowAgentForwarding yes
+AllowTcpForwarding yes
 #GatewayPorts no
 X11Forwarding yes
 #X11DisplayOffset 10
 #X11UseLocalhost yes
 #PermitTTY yes
 PrintMotd no
-#PrintLastLog yes
-#TCPKeepAlive yes
+PrintLastLog yes
+TCPKeepAlive yes
 #PermitUserEnvironment no
 #Compression delayed
 #ClientAliveInterval 0