How to Install and Uninstall lacme-accountd Package on Ubuntu 20.10 (Groovy Gorilla)
Last updated: May 20,2024
1. Install "lacme-accountd" package
In this section, we are going to explain the necessary steps to install lacme-accountd on Ubuntu 20.10 (Groovy Gorilla)
$
sudo apt update
Copied
$
sudo apt install
lacme-accountd
Copied
2. Uninstall "lacme-accountd" package
This tutorial shows how to uninstall lacme-accountd on Ubuntu 20.10 (Groovy Gorilla):
$
sudo apt remove
lacme-accountd
Copied
$
sudo apt autoclean && sudo apt autoremove
Copied
3. Information about the lacme-accountd package on Ubuntu 20.10 (Groovy Gorilla)
Package: lacme-accountd
Architecture: all
Version: 0.6.1-1
Priority: optional
Section: universe/utils
Source: lacme
Origin: Ubuntu
Maintainer: Ubuntu Developers
Original-Maintainer: Guilhem Moulin
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 26
Depends: libconfig-tiny-perl, libjson-perl
Recommends: libcrypt-openssl-rsa-perl
Filename: pool/universe/l/lacme/lacme-accountd_0.6.1-1_all.deb
Size: 9052
MD5sum: 9a9218035d43b8ede5cc0741113dbe15
SHA1: 5a25b95c02881f1dcfddb5c28f396eb60db2b1cc
SHA256: 9d8130f0370eaa1a3b00ade11a8cf8b5edfa0f6af9f44795e632b9066be5cf33
SHA512: 5e04c312a7558ff748b757c57a1b0e9cc3f8a997f0d508318c0d8620e4a07175b2d9a1f0cd26e03d02292b2dd2ee660148bae2996ec01f0db42ad900c0a72cc8
Homepage: https://git.guilhem.org/lacme/about/
Description-en: lacme account key manager
lacme is an ACME client written with process isolation and minimal privileges
in mind. It is divided into four components, each with its own executable:
.
* A process to manage the account key and issue SHA-256 signatures needed for
each ACME command. (This process binds to a UNIX-domain socket to reply to
signature requests from the ACME client.) One can use the UNIX-domain
socket forwarding facility of OpenSSH 6.7 and later to run this process on
a different host.
.
* A "master" process, which runs as root and is the only component
with access to the private key material of the server keys. It is used to
fork the ACME client (and optionally the ACME webserver) after dropping
root privileges. For certificate issuances, it also generates Certificate
Signing Requests, then verifies the validity of the issued certificate, and
optionally reloads or restarts services.
.
* An actual ACME client, which builds ACME commands and dialogues with
the remote ACME server. Since ACME commands need to be signed with the
account key, the "master" process passes the UNIX-domain socket of the
account key manager to the ACME client: data signatures are requested by
writing the data to be signed to the socket.
.
* For certificate issuances, an optional webserver, which is spawned
by the "master" process when no service is listening on the HTTP port.
(The only challenge type currently supported is "http-01", which requires a
webserver to answer challenges.) That webserver only processes GET and
HEAD requests under the "/.well-known/acme-challenge/" URI. iptables(8)
rules can optionally be installed to temporarily open the HTTP port.
.
lacme-accountd is the first (account key manager) component. It is the only
component with access to the account key.
Description-md5: 43841cd6e20515c161e6aa7d19ef9210
Architecture: all
Version: 0.6.1-1
Priority: optional
Section: universe/utils
Source: lacme
Origin: Ubuntu
Maintainer: Ubuntu Developers
Original-Maintainer: Guilhem Moulin
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 26
Depends: libconfig-tiny-perl, libjson-perl
Recommends: libcrypt-openssl-rsa-perl
Filename: pool/universe/l/lacme/lacme-accountd_0.6.1-1_all.deb
Size: 9052
MD5sum: 9a9218035d43b8ede5cc0741113dbe15
SHA1: 5a25b95c02881f1dcfddb5c28f396eb60db2b1cc
SHA256: 9d8130f0370eaa1a3b00ade11a8cf8b5edfa0f6af9f44795e632b9066be5cf33
SHA512: 5e04c312a7558ff748b757c57a1b0e9cc3f8a997f0d508318c0d8620e4a07175b2d9a1f0cd26e03d02292b2dd2ee660148bae2996ec01f0db42ad900c0a72cc8
Homepage: https://git.guilhem.org/lacme/about/
Description-en: lacme account key manager
lacme is an ACME client written with process isolation and minimal privileges
in mind. It is divided into four components, each with its own executable:
.
* A process to manage the account key and issue SHA-256 signatures needed for
each ACME command. (This process binds to a UNIX-domain socket to reply to
signature requests from the ACME client.) One can use the UNIX-domain
socket forwarding facility of OpenSSH 6.7 and later to run this process on
a different host.
.
* A "master" process, which runs as root and is the only component
with access to the private key material of the server keys. It is used to
fork the ACME client (and optionally the ACME webserver) after dropping
root privileges. For certificate issuances, it also generates Certificate
Signing Requests, then verifies the validity of the issued certificate, and
optionally reloads or restarts services.
.
* An actual ACME client, which builds ACME commands and dialogues with
the remote ACME server. Since ACME commands need to be signed with the
account key, the "master" process passes the UNIX-domain socket of the
account key manager to the ACME client: data signatures are requested by
writing the data to be signed to the socket.
.
* For certificate issuances, an optional webserver, which is spawned
by the "master" process when no service is listening on the HTTP port.
(The only challenge type currently supported is "http-01", which requires a
webserver to answer challenges.) That webserver only processes GET and
HEAD requests under the "/.well-known/acme-challenge/" URI. iptables(8)
rules can optionally be installed to temporarily open the HTTP port.
.
lacme-accountd is the first (account key manager) component. It is the only
component with access to the account key.
Description-md5: 43841cd6e20515c161e6aa7d19ef9210
4. References on Ubuntu 20.10 (Groovy Gorilla)
5. The same packages on other Linux Distributions
Popular Linux Distros
Ubuntu
Arch
Linux Mint
Fedora
Kali Linux
Debian
openSuSE
CentOS
Oracle Linux
Rocky Linux
Manjaro
AlmaLinux
Amazon Linux
Red Hat Enterprise Linux