You will sometimes find yourself looking at a Linux system, wondering why it suddenly started misbehaving. Did someone change a configuration file?
If you have no backups, and no history of your /etc directory, you may be able to look at file modification times with ls -l. If someone made a change, you can hope they left a comment. Both of those options are lacking.
A better way
Use git to control your /etc directory. Git keeps a time and date for every commit, and a file delta. This is perfect for controlling configuration files.
However, how can you guarantee that “someone” remembers to run git commit every time they make a change? When there’s an IT emergency and everything is blowing up, it’s easy to forget little details like this.
Your automation helper
To ensure your commits are automatic, use etckeeper. Recent Linux releases make this easy: apt/yum install etckeeper. Besides adding a daily commit via cron, etckeeper will also add a commit whenever you install or remove packages!
To be certain things are working, you should run git status after you install etckeeper. If you don’t see any history, you may need to complete your setup. Run etckeeper init and
The next time something inexplicably goes wrong on this system, you can now check whether a configuration change is the culprit.
root@trinity:/etc# git log -p -1 commit 3bd9eceaa45fc8884a2555925d55dbbffa845b3d Author: kyoder <email@example.com> Date: Fri May 15 16:59:54 2020 -0400 Disable sshnuke diff --git a/ssh/sshd_config b/ssh/sshd_config index bcf3ac1..61021da 100644 --- a/ssh/sshd_config +++ b/ssh/sshd_config @@ -121,3 +121,6 @@ Subsystem sftp /usr/lib/openssh/sftp-server # AllowTcpForwarding no # PermitTTY no # ForceCommand cvs server + +ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,firstname.lastname@example.org +macs hmac-sha1,email@example.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,firstname.lastname@example.org
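Review bot: the added ciphers line lists legacy algorithms (3des-cbc, blowfish-cbc, cast128-cbc and the aes*-cbc modes) and the macs line lists hmac-sha1 and hmac-ripemd160, but the commit message "Disable sshnuke" does not say which of these are needed or why. Consider trimming both lists to the CTR ciphers and hmac-sha2-256/hmac-sha2-512 already present, adding a comment above the two lines that states the intent, and matching the keyword casing used in the rest of the file (Subsystem, AllowTcpForwarding). The entries that appear as e-mail addresses cannot be checked from what is shown; running sshd -t before restarting the service would catch any name the daemon does not recognise.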
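For the triage step described above, the following added example (not part of the original post or of etckeeper itself) collects the three questions you usually ask of an etckeeper-managed /etc: what has been edited but not yet committed, which commits landed in a time window, and which files they touched. The function names are hypothetical, and it assumes the directory is already a git repository that you can read (normally as root).

```shell
#!/bin/sh
# Added example: triage helpers for a git-tracked /etc (as set up by etckeeper).
# All function names are hypothetical; only standard git options are used.

# Files edited, added or deleted since the last commit, i.e. changes that
# nobody committed and that the daily cron job has not picked up yet.
etc_uncommitted() {
    git -C "$1" status --porcelain --untracked-files=all | cut -c4-
}

# One line per commit newer than SINCE: short hash, ISO date, author, subject.
etc_commits_since() {
    git -C "$1" log --since="$2" --date=iso --format='%h %ad %an: %s'
}

# Unique list of paths touched by commits newer than SINCE.
etc_files_since() {
    git -C "$1" log --since="$2" --name-only --format= | sed '/^$/d' | sort -u
}

# Full report. Defaults: repository /etc, window "24 hours ago".
# SINCE accepts any date git understands, e.g. "2 days ago" or "2020-05-15".
etc_report() {
    repo=${1:-/etc}
    since=${2:-"24 hours ago"}
    echo "== Uncommitted changes in $repo =="
    etc_uncommitted "$repo"
    echo "== Commits since $since =="
    etc_commits_since "$repo" "$since"
    echo "== Files touched by those commits =="
    etc_files_since "$repo" "$since"
}

# Typical call on a live system (run as root):
#   etc_report /etc "2 days ago"
```

Once a suspect file shows up in the report, git log -p -- <path> inside /etc shows its deltas, as in the output above.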