Questions tagged [security]

Security covers a wide-ranging set of topics including Users, Permissions, Authentication, Authorisation, Upgrades, Firewalling, Hardening, etc.

Ubuntu has many Security Features, and a Security Team dedicated to keeping users safe and up to date. Please feel free to get involved, or read through the Ubuntu Security FAQ.

2429 questions

400

votes

10 answers

How can I install just security updates from the command line?

sudo apt-get upgrade installs all updates, not just security updates. I know that I can use Update Manager to select only important security updates, but is there a way to do this from the command line?

asked Jul 28 '10 at 22:50

crenshaw-dev

30,632
9
43
47

337

votes

9 answers

Are PPAs safe to add to my system and what are some "red flags" to watch out for?

I see a lot of interesting programs out there that can only be obtained by adding a "PPA" to the system but, if I'm understanding correctly, we should stay within the official "repositories" for adding software to our system. Is there any way for a…

security ppa repository

asked Apr 17 '11 at 16:31

Rob

12,760
11
32
40

241

votes

11 answers

How to delete file(s) in secure manner?

Is there a way to make sure that a deleted file can not be recovered? As you know, deleting a file by pressing shift-del or using trash doesn't mean that file is gone forever. It resides somewhere in the computer. In day to day life, law…

security

asked Aug 18 '11 at 08:22

user20296

221

votes

22 answers

Why is it bad to log in as root?

I've often come across posts on forums or other websites where you see people joking in such a manner about running/logging in as root as if it's something awful and everyone ought to know about it. However, there isn't much that a search reveals on…

security root users administrator

asked Dec 04 '10 at 17:00

Mussnoon

4,956
5
26
28

217

votes

2 answers

How do I scan for viruses with ClamAV?

I installed ClamAV via Terminal (Ctrl+Alt+T) with: sudo apt-get install clamav but how can I scan for viruses?

security malware antivirus clamav

asked Feb 01 '13 at 16:24

BuZZ-dEE

13,993
18
63
80

167

votes

3 answers

Difference between PGP and GPG

What are the main differences between PGP (Pretty Good Privacy) and GPG (GNU Privacy Guard) in relationship with security in Ubuntu and Launchpad?

security gnupg pgp

asked Sep 12 '12 at 02:03

Luis Alvarado

209,003
167
543
707

158

votes

4 answers

How do I patch/workaround SSLv3 POODLE vulnerability (CVE-2014-3566)?

After the BEAST attack and Heartbleed bug, now I've heard about a new vulnerability in SSL/TLS called POODLE. How do I protect myself against being exploited? Are only servers or also clients affected? Is this OpenSSL/GnuTLS specific? What kind of…

security ssl tls

asked Oct 14 '14 at 23:49

gertvdijk

67,007
33
188
283

153

votes

6 answers

How to patch the Heartbleed bug (CVE-2014-0160) in OpenSSL?

As of today, a bug in OpenSSL has been found affecting versions 1.0.1 through 1.0.1f (inclusive) and 1.0.2-beta. Since Ubuntu 12.04, we are all vulnerable to this bug. In order to patch this vulnerability, affected users should update to OpenSSL…

security openssl

asked Apr 07 '14 at 22:17

Lucio

18,648
31
107
190

145

votes

3 answers

How to create a restricted SSH user for port forwarding?

ændrük suggested a reverse connection for getting an easy SSH connection with someone else (for remote help). For that to work, an additional user is needed to accept the connection. This user needs to be able to forward his port through the server…

ssh security port-forwarding

asked Jun 10 '11 at 20:04

Lekensteyn

171,743
65
311
401

142

votes

5 answers

What is the CVE-2014-6271 bash vulnerability (Shellshock) and how do I fix it?

Recently, there have been news going around regarding "CVE-2014-6271" (See USN-2362-1), which is a vulnerability in Bash. How do I know if I am affected by this, how can I fix it, and why should I care? This is designed as a canonical answer for…

bash security shellshock

asked Sep 24 '14 at 21:48

nanofarad

20,597
12
65
91

139

votes

3 answers

How do I keep track of failed SSH log-in attempts?

I'd like to see if somebody has been trying to log-in by brute-force into my Ubuntu 12.04 server over SSH. How can I see if such activities have been taking place?

ssh security log

asked Aug 20 '12 at 06:32

Ivan

55,987
65
150
212

134

votes

13 answers

How to harden an SSH server?

What measures can/should I take to make sure that security around my SSH server is absolutely impermeable? This will be community wiki from the start, so lets see what people do to secure their servers.

security ssh

asked Aug 14 '10 at 13:43

LassePoulsen

14,517
8
47
59

130

votes

2 answers

How can I allow SSH password authentication from only certain IP addresses?

I'd like to allow SSH password authentication from only a certain subnet. I see the option to disallow it globally in /etc/ssh/sshd_config: # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes Is there a way to apply…

ssh configuration security password authentication

asked Feb 05 '12 at 17:25

ændrük

75,636
74
233
365

108

votes

7 answers

What is the difference between "gksudo nautilus" and "sudo nautilus"?

I've been using gksudo nautilus and sudo nautilus through Alt+F2. What's the difference? They look very similar!

sudo security root gksudo

asked Nov 06 '10 at 14:48

DrKenobi

6,382
5
24
25

106

votes

3 answers

What is apparmor?

I hear a lot of talk about apparmor, I want to know the following: What is apparmor? How does apparmor work?

security apparmor

asked Jan 05 '13 at 02:09

Alvar

16,898
29
91
134

2 3

…

99 100 Next