I just noticed I was 1 minor verison behind alpine today. I upgraded, also noting that I had missed an rc-update for my cache that allows the website to run. Fortunately I fixed it. Overall I am VERY happy with alpine these days:
- Upgrades are VERY easy (
vim /etc/apk/repositories)Then simply change the # from the old version to the new version
apk update && apk upgrade
- reboot. You are done
- Use the alpine-virt kernel package for guests
- Be sure to edit your inittab file to enable consoles
- enable qemu-guest tools (they seem to have fixed the agent problem it used to have with v 3.17.x)
- I like to add sshguard to keep all the annoying people away w/o worrying about id10t's probing me
- Improve your ssh.conf
# Ciphers and keying RekeyLimit 1G 1H KexAlgorithms firstname.lastname@example.org,diffie-hellman-group18-sha512,diffie$ Ciphers email@example.com,firstname.lastname@example.org,aes128-gcm@openssh$ MACs email@example.com,firstname.lastname@example.org,umac-128-etm@o$ # Limit sessions and its duration MaxAuthTries 2 MaxSessions 5 ClientAliveInterval 30 ClientAliveCountMax 6 TCPKeepAlive no # BE SURE TO GET YOUR SSH KEY INSTALLED BEFORE DOING NO PASSWORDS! PasswordAuthentication no ChallengeResponseAuthentication no PubkeyAuthentication yes # Enable AllowAgentForwarding if you need to jump through this host AllowAgentForwarding no AllowTcpForwarding no X11Forwarding no PrintMotd no Compression no # Restrict SSH usage AllowUsers <user1> <user2>
This makes your ssh much happier.
Also I like to use lnav for log viewing, and caddy for my webserver. I like to use it in 'http/3 mode', with new version of quic enabled as well.