Installation of the Ubuntu Security Guide

The Ubuntu Security Guide is an easy to use tool for compliance and auditing, and is part of Ubuntu Advantage and Ubuntu Pro and is installed using the Ubuntu Advantage Tool. The tool is available to Ubuntu 20.04 or later versions.

Install the UA client

sudo apt update
sudo apt install ubuntu-advantage-tools

Attach the subscription

NOTE: This step is not necessary in Ubuntu PRO images.

To attach your subscription follow the steps on the official Ubuntu guide.

Set up the Ubuntu Security Guide

Use the following commands to install the Ubuntu Security Guide (USG).

sudo ua enable usg
sudo apt install usg

Transitioning from the previous compliance tooling

The previous compliance tooling available in Ubuntu provided per-release scripts for CIS compliance. The following points map the old commands to the Ubuntu Security Guide syntax.

Command Replacement
/usr/share/ubuntu-scap-security-guides/cis-hardening/ usg fix
/usr/share/ubuntu-scap-security-guides/cis-hardening/ usg fix
/usr/share/ubuntu-scap-security-guides/cis-hardening/ usg fix
cis-audit usg audit
Custom configuration with ruleset-params.conf Profile customization

We should add a section about installing the benchmarks as it is not automatically installed (at least on 20.04)

Install benchmarks

In order to use the benchmarks mentionned in the compliance section, you should install them.

$ sudo apt install usg-benchmarks-1

You can skip this part if you will use your own profile.

1 Like

While not too difficult to figure out, it might be nice to mention that you need Universe for usg dependencies to install.

sudo add-apt-repository universe
1 Like