I just noticed I was 1 minor verison behind alpine today. I upgraded, also noting that I had missed an rc-update for my cache that allows the website to run. Fortunately I fixed it. Overall I am VERY happy with alpine these days:
- Upgrades are VERY easy (
vim /etc/apk/repositories)Then simply change the # from the old version to the new version apk update && apk upgrade- reboot. You are done
- Use the alpine-virt kernel package for guests
- Be sure to edit your inittab file to enable consoles
- enable qemu-guest tools (they seem to have fixed the agent problem it used to have with v 3.17.x)
- I like to add sshguard to keep all the annoying people away w/o worrying about id10t's probing me
- Improve your ssh.conf
# Ciphers and keying
RekeyLimit 1G 1H
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group18-sha512,diffie$
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh$
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@o$
# Limit sessions and its duration
MaxAuthTries 2
MaxSessions 5
ClientAliveInterval 30
ClientAliveCountMax 6
TCPKeepAlive no
# BE SURE TO GET YOUR SSH KEY INSTALLED BEFORE DOING NO PASSWORDS!
PasswordAuthentication no
ChallengeResponseAuthentication no
PubkeyAuthentication yes
# Enable AllowAgentForwarding if you need to jump through this host
AllowAgentForwarding no
AllowTcpForwarding no
X11Forwarding no
PrintMotd no
Compression no
# Restrict SSH usage
AllowUsers <user1> <user2>This makes your ssh much happier.
Also I like to use lnav for log viewing, and caddy for my webserver. I like to use it in 'http/3 mode', with new version of quic enabled as well.