diff --git a/.archive/.0000_lib_usage.sh b/.archive/.0000_lib_usage.sh index 98e8062..7ab25cf 100644 --- a/.archive/.0000_lib_usage.sh +++ b/.archive/.0000_lib_usage.sh @@ -21,7 +21,7 @@ usage() { clear cat << EOF $(echo -e "\e[92mCISS.debian.live.builder\e[0m") -$(echo -e "\e[92mMaster V8.03.880.2025.07.19\e[0m") +$(echo -e "\e[92mMaster V8.03.896.2025.07.22\e[0m") $(echo -e "\e[92mA lightweight Shell Wrapper for building a hardened Debian Live ISO Image.\e[0m") $(echo -e "\e[97m(c) Marc S. Weidner, 2018 - 2025\e[0m") diff --git a/.gitea/ISSUE_TEMPLATE/ISSUE_TEMPLATE.yaml b/.gitea/ISSUE_TEMPLATE/ISSUE_TEMPLATE.yaml index 0fb99c0..4ad7581 100644 --- a/.gitea/ISSUE_TEMPLATE/ISSUE_TEMPLATE.yaml +++ b/.gitea/ISSUE_TEMPLATE/ISSUE_TEMPLATE.yaml @@ -25,7 +25,7 @@ body: attributes: label: "Version" description: "Which version are you running? Use `./ciss_live_builder.sh -v`." - placeholder: "e.g., Master V8.03.880.2025.07.19" + placeholder: "e.g., Master V8.03.896.2025.07.22" validations: required: true diff --git a/.gitea/TODO/dockerfile b/.gitea/TODO/dockerfile index 14bfeea..6baade6 100644 --- a/.gitea/TODO/dockerfile +++ b/.gitea/TODO/dockerfile @@ -9,7 +9,7 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -### Version Master V8.03.880.2025.07.19 +### Version Master V8.03.896.2025.07.22 FROM debian:bookworm diff --git a/.gitea/TODO/render-md-to-html.yaml b/.gitea/TODO/render-md-to-html.yaml index d967824..b100cec 100644 --- a/.gitea/TODO/render-md-to-html.yaml +++ b/.gitea/TODO/render-md-to-html.yaml @@ -9,7 +9,7 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -### Version Master V8.03.880.2025.07.19 +### Version Master V8.03.896.2025.07.22 name: ๐Ÿ” Render README.md to README.html. diff --git a/.gitea/trigger/t_generate_PRIVATE_iso_flavour_0.yaml b/.gitea/trigger/t_generate_PRIVATE_iso_flavour_0.yaml index 1c5d873..23e76a0 100644 
--- a/.gitea/trigger/t_generate_PRIVATE_iso_flavour_0.yaml +++ b/.gitea/trigger/t_generate_PRIVATE_iso_flavour_0.yaml @@ -11,5 +11,5 @@ build: counter: 1023 - version: V8.03.880.2025.07.19 + version: V8.03.896.2025.07.22 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=yaml diff --git a/.gitea/trigger/t_generate_PRIVATE_iso_flavour_1.yaml b/.gitea/trigger/t_generate_PRIVATE_iso_flavour_1.yaml index 1c5d873..23e76a0 100644 --- a/.gitea/trigger/t_generate_PRIVATE_iso_flavour_1.yaml +++ b/.gitea/trigger/t_generate_PRIVATE_iso_flavour_1.yaml @@ -11,5 +11,5 @@ build: counter: 1023 - version: V8.03.880.2025.07.19 + version: V8.03.896.2025.07.22 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=yaml diff --git a/.gitea/trigger/t_generate_PUBLIC.yaml b/.gitea/trigger/t_generate_PUBLIC.yaml index 1c5d873..23e76a0 100644 --- a/.gitea/trigger/t_generate_PUBLIC.yaml +++ b/.gitea/trigger/t_generate_PUBLIC.yaml @@ -11,5 +11,5 @@ build: counter: 1023 - version: V8.03.880.2025.07.19 + version: V8.03.896.2025.07.22 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=yaml diff --git a/.gitea/trigger/t_generate_dns.yaml b/.gitea/trigger/t_generate_dns.yaml index 1c5d873..23e76a0 100644 --- a/.gitea/trigger/t_generate_dns.yaml +++ b/.gitea/trigger/t_generate_dns.yaml @@ -11,5 +11,5 @@ build: counter: 1023 - version: V8.03.880.2025.07.19 + version: V8.03.896.2025.07.22 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=yaml diff --git a/.gitea/workflows/generate_PRIVATE_iso_flavour_0.yaml b/.gitea/workflows/generate_PRIVATE_iso_flavour_0.yaml index a667037..c75778d 100644 --- a/.gitea/workflows/generate_PRIVATE_iso_flavour_0.yaml +++ b/.gitea/workflows/generate_PRIVATE_iso_flavour_0.yaml @@ -9,7 +9,7 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -### Version Master V8.03.880.2025.07.19 +### Version Master V8.03.896.2025.07.22 name: ๐Ÿ” Generating a Private Live ISO FLV 0. 
diff --git a/.gitea/workflows/generate_PRIVATE_iso_flavour_1.yaml b/.gitea/workflows/generate_PRIVATE_iso_flavour_1.yaml index c7b37d8..92a10f9 100644 --- a/.gitea/workflows/generate_PRIVATE_iso_flavour_1.yaml +++ b/.gitea/workflows/generate_PRIVATE_iso_flavour_1.yaml @@ -9,7 +9,7 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -### Version Master V8.03.880.2025.07.19 +### Version Master V8.03.896.2025.07.22 name: ๐Ÿ” Generating a Private Live ISO FLV 1. diff --git a/.gitea/workflows/generate_PUBLIC_iso.yaml b/.gitea/workflows/generate_PUBLIC_iso.yaml index 5c2e19b..b9efae0 100644 --- a/.gitea/workflows/generate_PUBLIC_iso.yaml +++ b/.gitea/workflows/generate_PUBLIC_iso.yaml @@ -9,7 +9,7 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -### Version Master V8.03.880.2025.07.19 +### Version Master V8.03.896.2025.07.22 name: ๐Ÿ’™ Generating a PUBLIC Live ISO. diff --git a/.gitea/workflows/linter_char_scripts.yaml b/.gitea/workflows/linter_char_scripts.yaml index c75356f..f087e05 100644 --- a/.gitea/workflows/linter_char_scripts.yaml +++ b/.gitea/workflows/linter_char_scripts.yaml @@ -9,7 +9,7 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -### Version Master V8.03.880.2025.07.19 +### Version Master V8.03.896.2025.07.22 # Gitea Workflow: Shell-Script Linting # diff --git a/.gitea/workflows/render-dnssec-status.yaml b/.gitea/workflows/render-dnssec-status.yaml index 96ac7f8..91078c6 100644 --- a/.gitea/workflows/render-dnssec-status.yaml +++ b/.gitea/workflows/render-dnssec-status.yaml @@ -9,7 +9,7 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -### Version Master V8.03.880.2025.07.19 +### Version Master V8.03.896.2025.07.22 name: ๐Ÿ›ก๏ธ Retrieve DNSSEC status of coresecret.dev. 
diff --git a/.gitea/workflows/render-dot-to-png.yaml b/.gitea/workflows/render-dot-to-png.yaml index 8f97803..cffa7f5 100644 --- a/.gitea/workflows/render-dot-to-png.yaml +++ b/.gitea/workflows/render-dot-to-png.yaml @@ -9,7 +9,7 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -### Version Master V8.03.880.2025.07.19 +### Version Master V8.03.896.2025.07.22 name: ๐Ÿ” Render Graphviz Diagrams. diff --git a/.shellcheckrc b/.shellcheckrc new file mode 100644 index 0000000..4a170c0 --- /dev/null +++ b/.shellcheckrc @@ -0,0 +1,28 @@ +# SPDX-Version: 3.0 +# SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; +# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git +# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; +# SPDX-FileType: SOURCE +# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 +# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. +# SPDX-PackageName: CISS.debian.installer +# SPDX-Security-Contact: security@coresecret.eu + +encoding=utf-8 +external-sources=true +shell=bash +source-path=~/lib +source-path=~/scripts +source-path=~/var + +enable=avoid-nullary-conditions +enable=check-extra-masked-returns +enable=check-set-e-suppressed +enable=check-unassigned-uppercase +enable=deprecate-which +enable=quote-safe-variables +enable=require-double-brackets +enable=require-variable-braces + +# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=conf diff --git a/.version.properties b/.version.properties index b344463..3be0dfc 100644 --- a/.version.properties +++ b/.version.properties 
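Review bot: The SPDX header of the new `.shellcheckrc` names `CISS.debian.installer` in `SPDX-ExternalRef` and `SPDX-PackageName`, while the other headers visible in this diff read `SPDX-PackageName: CISS.debian.live.builder`. It looks copied from the sibling repository and should read `# SPDX-PackageName: CISS.debian.live.builder`. `encoding=utf-8` is not among the rc keys I know ShellCheck to read (`disable`, `enable`, `shell`, `source-path`, `external-sources`), so it is probably ignored or warned about; confirm against the ShellCheck version the linter workflow runs. The three `source-path=~/...` entries may not resolve as intended either: as far as I know ShellCheck does not expand `~`, and since `lib/`, `scripts/` and `var/` live in this repository, `source-path=SCRIPTDIR` (or paths relative to the rc file) is likely what is wanted.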
@@ -15,5 +15,5 @@ properties_SPDX-License-Identifier="EUPL-1.2 OR LicenseRef-CCLA-1.0" properties_SPDX-LicenseComment="This file is part of the CISS.debian.installer.secure framework." properties_SPDX-PackageName="CISS.debian.live.builder" properties_SPDX-Security-Contact="security@coresecret.eu" -properties_version="V8.03.880.2025.07.19" +properties_version="V8.03.896.2025.07.22" # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=conf diff --git a/CISS.debian.live.builder.spdx b/CISS.debian.live.builder.spdx index 89c404b..0e2ceaf 100644 --- a/CISS.debian.live.builder.spdx +++ b/CISS.debian.live.builder.spdx @@ -6,7 +6,7 @@ Creator: Person: Marc S. Weidner (Centurion Intelligence Consulting Agency) Created: 2025-05-07T12:00:00Z Package: CISS.debian.live.builder PackageName: CISS.debian.live.builder -PackageVersion: Master V8.03.880.2025.07.19 +PackageVersion: Master V8.03.896.2025.07.22 PackageSupplier: Organization: Centurion Intelligence Consulting Agency PackageDownloadLocation: https://git.coresecret.dev/msw/CISS.debian.live.builder PackageHomePage: https://git.coresecret.dev/msw/CISS.debian.live.builder diff --git a/README.md b/README.md index 5c0810d..2bf9e07 100644 --- a/README.md +++ b/README.md 
@@ -2,7 +2,7 @@ gitea: none include_toc: true --- -[![Static Badge](https://badges.coresecret.dev/badge/Release-V8.03.880.2025.07.19-white?style=plastic&logo=linux&logoColor=white&logoSize=auto&label=Release&color=%23FCC624)](https://git.coresecret.dev/msw/CISS.debian.live.builder) +[![Static Badge](https://badges.coresecret.dev/badge/Release-V8.03.896.2025.07.22-white?style=plastic&logo=linux&logoColor=white&logoSize=auto&label=Release&color=%23FCC624)](https://git.coresecret.dev/msw/CISS.debian.live.builder)   [![Static Badge](https://badges.coresecret.dev/badge/Licence-EUPL1.2-white?style=plastic&logo=europeanunion&logoColor=white&logoSize=auto&label=Licence&color=%23003399)](https://eupl.eu/1.2/en/)   [![Static Badge](https://badges.coresecret.dev/badge/opensourceinitiative-Compliant-white?style=plastic&logo=opensourceinitiative&logoColor=white&logoSize=auto&label=OSI&color=%233DA639)](https://opensource.org/license/eupl-1-2)   @@ -26,7 +26,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
This shell wrapper automates the creation of a Debian Bookworm live ISO hardened according to the latest best practices in server and service security. It integrates into your build pipeline to deliver an isolated, robust environment suitable for @@ -142,7 +142,7 @@ This means function status of the **CISS.2025.debian.live.builder** ISO after d- This project adheres strictly to a structured versioning scheme following the pattern x.y.z-Date. -Example: `V8.03.880.2025.07.19` +Example: `V8.03.896.2025.07.22` `x.y.z` represents major (x), minor (y), and patch (z) version increments. diff --git a/ciss_live_builder.sh b/ciss_live_builder.sh index d641052..fcd9970 100644 --- a/ciss_live_builder.sh +++ b/ciss_live_builder.sh @@ -27,10 +27,12 @@ # You can use bash via WSL, MSYS2, or Cygwin on Windows systems. ### Preliminary checks +# shellcheck disable=2292 [ -z "${BASH_VERSINFO[0]}" ] && { . ./var/global.var.sh; printf "\e[91mโŒ Please make sure you are using 'bash'! Bye... \e[0m\n" >&2; exit "${ERR_UNSPPTBASH}"; } [[ ${EUID} -ne 0 ]] && { . ./var/global.var.sh; printf "\e[91mโŒ Please make sure you are 'root'! Bye... \e[0m\n" >&2; exit "${ERR_NOT_USER_0}"; } +# shellcheck disable=2312 [[ $(kill -l | grep -c SIG) -eq 0 ]] && { . ./var/global.var.sh; printf "\e[91mโŒ Please make sure you are calling the script without leading 'sh'! Bye... \e[0m\n" >&2; exit "${ERR_UNSPPTBASH}"; } [[ ${BASH_VERSINFO[0]} -lt 5 ]] && { 
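Review bot: The two added directives in ciss_live_builder.sh, `# shellcheck disable=2292` and `# shellcheck disable=2312`, give no reason and drop the `SC` prefix used elsewhere in the tree (`# shellcheck disable=SC2155` in lib/lib_usage.sh, `# shellcheck disable=SC2317` in the alias file). Both sit on the checks that gate a root-only script, so a reader should be able to tell the single-bracket test is deliberate, presumably because that line must still parse before bash has been confirmed. I would write `# shellcheck disable=SC2292` and `# shellcheck disable=SC2312`, each preceded by a one-line comment such as `# POSIX test on purpose: runs before the bash check.` and `# Only the match count matters here, not the exit status of kill -l.`. The run of preliminary checks continues past the end of this hunk.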
@@ -113,13 +115,14 @@ for dir in /usr/local/sbin /usr/sbin; do case ":${PATH}:" in *":${dir}:"*) ;; *) check_pkgs ### DIALOG OUTPUT FOR INITIALIZATION -if ! $VAR_HANDLER_AUTOBUILD; then boot_screen; fi +if ! ${VAR_HANDLER_AUTOBUILD}; then boot_screen; fi ### Updating Status of Dialog Gauge Bar -if ! $VAR_HANDLER_AUTOBUILD; then printf "XXX\nInitialization done ... \nXXX\n15\n" >&3; fi +if ! ${VAR_HANDLER_AUTOBUILD}; then printf "XXX\nInitialization done ... \nXXX\n15\n" >&3; fi ### Updating Status of Dialog Gauge Bar -if ! $VAR_HANDLER_AUTOBUILD; then printf "XXX\nAdditional initialization ... \nXXX\n30\n" >&3; fi +if ! ${VAR_HANDLER_AUTOBUILD}; then printf "XXX\nAdditional initialization ... \nXXX\n30\n" >&3; fi + ### Initialization declare -gr ARGUMENTS_COUNT="$#" declare -gr ARG_STR_ORG_INPUT="$*" 
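Review bot: `if ! ${VAR_HANDLER_AUTOBUILD}; then` still executes the variable's value as a command. Adding braces does not change that, and the expansion stays unquoted in a script that insists on running as root. var/early.var.sh declares it as `declare -gx VAR_HANDLER_AUTOBUILD="false"`, exported and not read-only, so any assignment other than `true` or `false` would be run as a command on each of these lines. A string comparison gives the same result for the two intended values without executing anything: `if [[ "${VAR_HANDLER_AUTOBUILD}" != "true" ]]; then boot_screen; fi`. The same pattern repeats on every gauge update in the next hunk (`@@ -132,36 +135,36 @@`), down to the `check_provider` and `check_kernel` calls.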
@@ -132,36 +135,36 @@ declare -grx SCRIPT_BASEPATH="$(dirname "${SCRIPT_FULLPATH}")" declare -grx VAR_WORKDIR="$(dirname "${SCRIPT_FULLPATH}")" ### Updating Status of Dialog Gauge Bar -if ! $VAR_HANDLER_AUTOBUILD; then printf "XXX\nActivate traps ... \nXXX\n50\n" >&3; fi +if ! ${VAR_HANDLER_AUTOBUILD}; then printf "XXX\nActivate traps ... \nXXX\n50\n" >&3; fi ### Following the CISS Bash naming and ordering scheme: trap 'trap_on_exit "$?"' EXIT trap 'trap_on_err "$?" "${BASH_SOURCE[0]}" "${LINENO}" "${FUNCNAME[0]:-main}" "${BASH_COMMAND}"' ERR ### Updating Status of Dialog Gauge Bar -if ! $VAR_HANDLER_AUTOBUILD; then printf "XXX\nSanitizing Arguments ... \nXXX\n75\n" >&3; fi +if ! ${VAR_HANDLER_AUTOBUILD}; then printf "XXX\nSanitizing Arguments ... \nXXX\n75\n" >&3; fi arg_check "$@" declare -ar ARY_ARG_SANITIZED=("$@") declare -gr VAR_ARG_SANITIZED="${ARY_ARG_SANITIZED[*]}" ### Updating Status of Dialog Gauge Bar -if ! $VAR_HANDLER_AUTOBUILD; then printf "XXX\nParsing Arguments ... \nXXX\n90\n" >&3; fi +if ! ${VAR_HANDLER_AUTOBUILD}; then printf "XXX\nParsing Arguments ... \nXXX\n90\n" >&3; fi arg_parser "$@" ### Updating Status of Dialog Gauge Bar -if ! $VAR_HANDLER_AUTOBUILD; then printf "XXX\nFinal checks ... \nXXX\n95\n" >&3; fi +if ! ${VAR_HANDLER_AUTOBUILD}; then printf "XXX\nFinal checks ... \nXXX\n95\n" >&3; fi clean_ip ### Updating Status of Dialog Gauge Bar -if ! $VAR_HANDLER_AUTOBUILD; then printf "XXX\nInitialization completed ... \nXXX\n100\n" >&3; sleep 1; fi +if ! ${VAR_HANDLER_AUTOBUILD}; then printf "XXX\nInitialization completed ... \nXXX\n100\n" >&3; sleep 1; fi ### Turn off Dialog Wrapper -if ! $VAR_HANDLER_AUTOBUILD; then boot_screen_cleaner; fi +if ! ${VAR_HANDLER_AUTOBUILD}; then boot_screen_cleaner; fi ### MAIN Program arg_priority_check check_stats -if ! $VAR_HANDLER_AUTOBUILD; then check_provider; fi -if ! $VAR_HANDLER_AUTOBUILD; then check_kernel; fi +if ! ${VAR_HANDLER_AUTOBUILD}; then check_provider; fi +if ! 
${VAR_HANDLER_AUTOBUILD}; then check_kernel; fi check_hooks hardening_ssh lb_config_start diff --git a/config/hooks/live/0810_chrony_setup.chroot b/config/hooks/live/0810_chrony_setup.chroot index ae0bd3d..9275a2a 100644 --- a/config/hooks/live/0810_chrony_setup.chroot +++ b/config/hooks/live/0810_chrony_setup.chroot @@ -39,14 +39,13 @@ authselectmode require server ptbtime1.ptb.de iburst nts minpoll 5 maxpoll 9 server ptbtime2.ptb.de iburst nts minpoll 5 maxpoll 9 server ptbtime3.ptb.de iburst nts minpoll 5 maxpoll 9 -server ptbtime4.ptb.de iburst nts noselect minpoll 5 maxpoll 9 -# server nts.netnod.se iburst nts minpoll 5 maxpoll 9 - +server ptbtime4.ptb.de iburst nts minpoll 5 maxpoll 9 +server sth1.ntp.se iburst nts minpoll 5 maxpoll 9 +server ntp0.fau.de iburst nts minpoll 5 maxpoll 9 +server ntp13.metas.ch iburst nts minpoll 5 maxpoll 9 # server ntp.ripe.net iburst nts minpoll 5 maxpoll 9 -# server ntp12.metas.ch iburst nts minpoll 5 maxpoll 9 # server ntp2.tecnico.ulisboa.pt iburst nts minpoll 5 maxpoll 9 # server time-c-b.nist.gov iburst nts minpoll 5 maxpoll 9 -server ntp0.fau.de iburst nts minpoll 5 maxpoll 9 leapsectz right/UTC diff --git a/config/includes.chroot/etc/ssh/sshd_config b/config/includes.chroot/etc/ssh/sshd_config index cc1e96e..b8d5d64 100644 --- a/config/includes.chroot/etc/ssh/sshd_config +++ b/config/includes.chroot/etc/ssh/sshd_config @@ -9,7 +9,7 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -### Version Master V8.03.880.2025.07.19 +### Version Master V8.03.896.2025.07.22 ### https://www.ssh-audit.com/ ### ssh -Q cipher | cipher-auth | compression | kex | kex-gss | key | key-cert | key-plain | key-sig | mac | protocol-version | sig diff --git a/config/includes.chroot/etc/sysctl.d/99_local.hardened b/config/includes.chroot/etc/sysctl.d/99_local.hardened index 1b4b2e9..d966b64 100644 --- a/config/includes.chroot/etc/sysctl.d/99_local.hardened 
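Review bot: With `noselect` dropped from `ptbtime4.ptb.de`, four of the seven active sources visible in this chrony hunk belong to one operator, so the PTB servers alone can form a majority in source selection. If ptbtime4 was meant only as a monitoring reference, keep `noselect`; otherwise add a comment above the list recording the intended operator mix, for example `# Selection set: 4x PTB, 1x Netnod, 1x FAU, 1x METAS.`. Every line carries `nts` and the context shows `authselectmode require`, so a host that does not answer NTS-KE never becomes usable. It is therefore worth confirming that `sth1.ntp.se` and `ntp13.metas.ch` offer NTS, since they differ from the previously commented `nts.netnod.se` and `ntp12.metas.ch` and the hunk does not say how they were checked. The server list begins above the hunk.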
+++ b/config/includes.chroot/etc/sysctl.d/99_local.hardened @@ -9,7 +9,7 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -### Version Master V8.03.880.2025.07.19 +### Version Master V8.03.896.2025.07.22 ### https://docs.kernel.org/ ### https://github.com/a13xp0p0v/kernel-hardening-checker/ diff --git a/config/includes.chroot/preseed/.iso/preseed_hash_generator.sh b/config/includes.chroot/preseed/.iso/preseed_hash_generator.sh index d5947b8..cebd23f 100644 --- a/config/includes.chroot/preseed/.iso/preseed_hash_generator.sh +++ b/config/includes.chroot/preseed/.iso/preseed_hash_generator.sh @@ -10,7 +10,7 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -declare -gr VERSION="Master V8.03.880.2025.07.19" +declare -gr VERSION="Master V8.03.896.2025.07.22" ### VERY EARLY CHECK FOR DEBUGGING if [[ $* == *" --debug "* ]]; then diff --git a/config/includes.chroot/preseed/preseed.cfg b/config/includes.chroot/preseed/preseed.cfg index 3aebaea..e9734a6 100644 --- a/config/includes.chroot/preseed/preseed.cfg +++ b/config/includes.chroot/preseed/preseed.cfg @@ -112,4 +112,4 @@ d-i preseed/late_command string sh /preseed/.ash/3_di_preseed_late_command.sh # Please consider donating to my work at: https://coresecret.eu/spenden/ ########################################################################################### -# Written by: ./preseed_hash_generator.sh Version: Master V8.03.880.2025.07.19 at: 10:18:37.9542 +# Written by: ./preseed_hash_generator.sh Version: Master V8.03.896.2025.07.22 at: 10:18:37.9542 diff --git a/config/includes.chroot/root/.ciss/alias b/config/includes.chroot/root/.ciss/alias index 904203f..2d12942 100644 --- a/config/includes.chroot/root/.ciss/alias +++ b/config/includes.chroot/root/.ciss/alias 
@@ -14,7 +14,7 @@ ####################################### # Outputs a 16-character random printable string # Arguments: -# None +# None ####################################### genstring() { (haveged -n 1000 -f - 2>/dev/null | tr -cd '[:graph:]' | fold -w 16 && echo ) | head @@ -108,7 +108,7 @@ alias whatpurge='dpkg --get-selections | grep deinstall' ########################################################################################### # Generates Secure (/dev/random) Passwords # Arguments: -# Length of Password, e.g., 32, and --base64 in case of encoding in BASE64. +# Length of Password, e.g., 32, and --base64 in case of encoding in BASE64. ########################################################################################### # shellcheck disable=SC2317 genpasswd() { @@ -138,11 +138,11 @@ genpasswd() { fi } -########################################################################################### -# Generates Secure (/dev/random) Passwords +####################################### +# Generates Secure (/dev/random) Passwords. # Arguments: -# none -########################################################################################### +# none +####################################### # shellcheck disable=SC2317 genpasswdhash() { declare salt @@ -153,8 +153,8 @@ genpasswdhash() { ####################################### # Wrapper for secure curl # Arguments: -# $1: URL from which to download a specific file -# $2: /path/to/file to be saved to +# 1: URL from which to download a specific file +# 2: /path/to/file to be saved to # Returns: # 0: Download successful # 1: Usage error @@ -183,8 +183,8 @@ scurl() { ####################################### # Wrapper for secure wget # Arguments: -# $1: URL from which to download a specific file -# $2: /path/to/file to be saved to +# 1: URL from which to download a specific file +# 2: /path/to/file to be saved to # Returns: # 0: Download successful # 1: Usage error 
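Review bot: The reformatted header above `genpasswdhash()` (hunk `@@ -138,11 +138,11 @@`) still reads "Generates Secure (/dev/random) Passwords.", which is the description of `genpasswd()` directly above it. The visible first line of the body declares `salt`, so the function presumably emits a salted password hash rather than a password. The summary line should say what it outputs and where the salt comes from, so the two helpers are not confused when someone picks one to provision credentials. The rest of the body lies outside the hunk, so the exact wording needs checking against it.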
@@ -214,7 +214,7 @@ swget() { ####################################### # Wrapper for loading CISS.2025 hardened Kernel Parameters # Arguments: -# None +# None ####################################### sysp() { sysctl -p /etc/sysctl.d/99_local.hardened diff --git a/docs/AUDIT_DNSSEC.md b/docs/AUDIT_DNSSEC.md index caf9f98..5c9b764 100644 --- a/docs/AUDIT_DNSSEC.md +++ b/docs/AUDIT_DNSSEC.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. DNSSEC Status diff --git a/docs/AUDIT_HAVEGED.md b/docs/AUDIT_HAVEGED.md index 54c5fbc..e769f61 100644 --- a/docs/AUDIT_HAVEGED.md +++ b/docs/AUDIT_HAVEGED.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. Haveged Audit on Netcup RS 2000 G11 diff --git a/docs/AUDIT_LYNIS.md b/docs/AUDIT_LYNIS.md index d35c7f3..5b9872f 100644 --- a/docs/AUDIT_LYNIS.md +++ b/docs/AUDIT_LYNIS.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. Lynis Audit: diff --git a/docs/AUDIT_SSH.md b/docs/AUDIT_SSH.md index b1ef657..4cb6918 100644 --- a/docs/AUDIT_SSH.md +++ b/docs/AUDIT_SSH.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. SSH Audit by ssh-audit.com diff --git a/docs/AUDIT_TLS.md b/docs/AUDIT_TLS.md index e12fce7..f1c615c 100644 --- a/docs/AUDIT_TLS.md +++ b/docs/AUDIT_TLS.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. TLS Audit: diff --git a/docs/BOOTPARAMS.md b/docs/BOOTPARAMS.md index f2f487d..2d2051b 100644 --- a/docs/BOOTPARAMS.md +++ b/docs/BOOTPARAMS.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. Hardened Kernel Boot Parameters diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index ea6c3af..099f7f7 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -8,10 +8,16 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. Changelog +## V8.03.896.2025.07.22 + +* Added: [.shellcheckrc](../.shellcheckrc) +* Bugfixes: [ciss_live_builder.sh](../ciss_live_builder.sh) +* Updated: [0810_chrony_setup.chroot](../config/hooks/live/0810_chrony_setup.chroot) + ## V8.03.880.2025.07.19 * Updated: [alias](../config/includes.chroot/root/.ciss/alias) diff --git a/docs/CNET.md b/docs/CNET.md index 59eea7d..8e701e7 100644 --- a/docs/CNET.md +++ b/docs/CNET.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. Centurion Net - Developer Branch Overview diff --git a/docs/CODING_CONVENTION.md b/docs/CODING_CONVENTION.md index 40ce7ab..a93cd13 100644 --- a/docs/CODING_CONVENTION.md +++ b/docs/CODING_CONVENTION.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. Coding Style diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md index be6e793..d5cbf03 100644 --- a/docs/CONTRIBUTING.md +++ b/docs/CONTRIBUTING.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. Contributing / participating diff --git a/docs/CREDITS.md b/docs/CREDITS.md index 9a78e34..83837f2 100644 --- a/docs/CREDITS.md +++ b/docs/CREDITS.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. Credits diff --git a/docs/DL_PUB_ISO.md b/docs/DL_PUB_ISO.md index 7194e93..d897f66 100644 --- a/docs/DL_PUB_ISO.md +++ b/docs/DL_PUB_ISO.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. Download the latest PUBLIC CISS.debian.live.ISO diff --git a/docs/DOCUMENTATION.md b/docs/DOCUMENTATION.md index 13d4161..6d5255b 100644 --- a/docs/DOCUMENTATION.md +++ b/docs/DOCUMENTATION.md @@ -8,12 +8,12 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2.1. Usage ````text CISS.debian.live.builder -Master V8.03.880.2025.07.19 +Master V8.03.896.2025.07.22 A lightweight Shell Wrapper for building a hardened Debian Bookworm Live ISO Image. (c) Marc S. Weidner, 2018 - 2025 @@ -133,7 +133,7 @@ A lightweight Shell Wrapper for building a hardened Debian Bookworm Live ISO Ima # 2.2. Contact ````text CISS.debian.live.builder -Master V8.03.880.2025.07.19 +Master V8.03.896.2025.07.22 A lightweight Shell Wrapper for building a hardened Debian Bookworm Live ISO Image. (c) Marc S. Weidner, 2018 - 2025 diff --git a/docs/REFERENCES.md b/docs/REFERENCES.md index 10f4563..c3c5d89 100644 --- a/docs/REFERENCES.md +++ b/docs/REFERENCES.md @@ -8,7 +8,7 @@ include_toc: true **Centurion Intelligence Consulting Agency Information Security Standard**
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*
**Master Version**: 8.03
-**Build**: V8.03.880.2025.07.19
+**Build**: V8.03.896.2025.07.22
# 2. Resources diff --git a/lib/lib_usage.sh b/lib/lib_usage.sh index f769f0f..b6d76d3 100644 --- a/lib/lib_usage.sh +++ b/lib/lib_usage.sh @@ -35,13 +35,13 @@ usage() { # shellcheck disable=SC2155 declare var_header=$(center "CLB(1) CISS.debian.live.builder CLB(1)" "${var_cols}") # shellcheck disable=SC2155 - declare var_footer=$(center "V8.03.880.2025.07.19 2025-06-25 CLB(1)" "${var_cols}") + declare var_footer=$(center "V8.03.896.2025.07.22 2025-06-25 CLB(1)" "${var_cols}") { echo -e "\e[1;97m${var_header}\e[0m" echo echo -e "\e[92mCISS.debian.live.builder from https://git.coresecret.dev/msw \e[0m" - echo -e "\e[92mMaster V8.03.880.2025.07.19\e[0m" + echo -e "\e[92mMaster V8.03.896.2025.07.22\e[0m" echo -e "\e[92mA lightweight Shell Wrapper for building a hardened Debian Live ISO Image.\e[0m" echo echo -e "\e[97m(c) Marc S. Weidner, 2018 - 2025 \e[0m" diff --git a/scripts/9000-cdi-starter b/scripts/9000-cdi-starter index 7af3da0..fee49c9 100644 --- a/scripts/9000-cdi-starter +++ b/scripts/9000-cdi-starter @@ -15,7 +15,7 @@ printf "\e[95m++++ ++++ ++++ ++++ ++++ ++++ ++ ๐Ÿงช '%s' starting ... \e[0m\n" " # sleep 1 [[ ! -d /root/.cdi/log ]] && mkdir -p /root/.cdi/log -printf "CISS.debian.installer Master V8.03.880.2025.07.19 is up!" >| /root/.cdi/log/boot_finished_"$(date +"%Y-%m-%d_%H-%M-%S")".log +printf "CISS.debian.installer Master V8.03.896.2025.07.22 is up!" >| /root/.cdi/log/boot_finished_"$(date +"%Y-%m-%d_%H-%M-%S")".log if [[ -f /root/git/CISS.debian.installer/ciss_debian_installer.sh ]]; then chmod 0700 /root/git/CISS.debian.installer/ciss_debian_installer.sh diff --git a/var/color.var.sh b/var/color.var.sh index 8805b91..143b98f 100644 --- a/var/color.var.sh +++ b/var/color.var.sh 
@@ -10,14 +10,16 @@ # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -declare -grx C_BLA='\e[90m' # Beautiful black For the techno fans. -declare -grx C_RED='\e[91m' # Bright red. -declare -grx C_GRE='\e[92m' # Vibrant green. -declare -grx C_YEL='\e[93m' # Fancy yellow -declare -grx C_BLU='\e[94m' # Organic blue. -declare -grx C_MAG='\e[95m' # Super gay magenta. -declare -grx C_CYA='\e[96m' # Lovely cyan. -declare -grx C_WHI='\e[97m' # Fantastic color mix. -declare -grx C_RES='\e[0m' # Forget everything. +declare -grx BLA='\e[90m' # Beautiful black For the techno fans. +declare -grx RED='\e[91m' # Bright red. +declare -grx GRE='\e[92m' # Vibrant green. +declare -grx YEL='\e[93m' # Fancy yellow +declare -grx BLU='\e[94m' # Organic blue. +declare -grx MAG='\e[95m' # Super gay magenta. +declare -grx CYA='\e[96m' # Lovely cyan. +declare -grx WHI='\e[97m' # Fantastic color mix. +declare -grx RES='\e[0m' # Forget everything. +declare -grx TAB='\t' # Tabulator. +declare -grx NL='\n' # New line. # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh diff --git a/var/early.var.sh b/var/early.var.sh index 54845f5..1b422fb 100644 --- a/var/early.var.sh +++ b/var/early.var.sh @@ -17,7 +17,7 @@ declare -agx ARY_PARAM_ARRAY=("$@") declare -grx VAR_PARAM_COUNT="$#" declare -grx VAR_PARAM_STRNG="$*" declare -grx VAR_CONTACT="security@coresecret.eu" -declare -grx VAR_VERSION="Master V8.03.880.2025.07.19" +declare -grx VAR_VERSION="Master V8.03.896.2025.07.22" declare -grx VAR_SYSTEM="$(uname -a)" declare -gx VAR_EARLY_DEBUG="false" declare -gx VAR_HANDLER_AUTOBUILD="false"
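Review bot: The colour variables in var/color.var.sh lose their `C_` prefix but stay `declare -grx`, so very generic names (`RED`, `RES`, `TAB`, `NL`) become read-only and are exported to every child process the builder starts. Any sourced file or function that later assigns one of them will fail on the read-only attribute. No hunk in this diff updates an existing `${C_...}` reference, so callers elsewhere may now expand an unset name. Either keep the namespace (`declare -gr C_RED='\e[91m'`) or at least drop `-x`, since escape strings rarely need to reach child processes. `TAB='\t'` and `NL='\n'` hold literal backslash sequences that only become control characters inside a `printf` format or `echo -e`, which a short comment next to them should state.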