How to Install and Uninstall lacme-accountd Package on Ubuntu 21.04 (Hirsute Hippo)

Last updated: November 07,2024

1. Install "lacme-accountd" package

Learn how to install lacme-accountd on Ubuntu 21.04 (Hirsute Hippo)

$ sudo apt update $ sudo apt install lacme-accountd

2. Uninstall "lacme-accountd" package

Please follow the instructions below to uninstall lacme-accountd on Ubuntu 21.04 (Hirsute Hippo):

$ sudo apt remove lacme-accountd $ sudo apt autoclean && sudo apt autoremove

3. Information about the lacme-accountd package on Ubuntu 21.04 (Hirsute Hippo)

Package: lacme-accountd
Architecture: all
Version: 0.8.0-1
Priority: optional
Section: universe/utils
Source: lacme
Origin: Ubuntu
Maintainer: Ubuntu Developers
Original-Maintainer: Guilhem Moulin
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 32
Depends: libconfig-tiny-perl, libjson-perl, perl:any
Recommends: libcrypt-openssl-rsa-perl
Suggests: gpg, openssl
Filename: pool/universe/l/lacme/lacme-accountd_0.8.0-1_all.deb
Size: 11964
MD5sum: b6f64f1e6aa6f19412fe41f1b5efb256
SHA1: f4683f79716cc3bcc89bbbfb99b04adcfba4d0c0
SHA256: b0be95da1e882bb3f5c2fcda95f796e1dc7af7ca103df42c23b39b35b3d8b417
SHA512: 05b6f71d1acaf6378db79f81ca750933f91b911962a9ab92be3a938b1ef77f90ba0b22335222828ad0eb4f456b762e97ce5306293f76ee2f70db8313339ae320
Homepage: https://git.guilhem.org/lacme/about/
Description-en: lacme account key manager
lacme is an ACME client written with process isolation and minimal privileges
in mind. It is divided into four components, each with its own executable:
.
* A process to manage the account key and issue SHA-256 signatures needed for
each ACME command. (This process binds to a UNIX-domain socket to reply to
signature requests from the ACME client.) One can use the UNIX-domain
socket forwarding facility of OpenSSH 6.7 and later to run this process on
a different host.
.
* A "master" process, which runs as root and is the only component
with access to the private key material of the server keys. It is used to
fork the ACME client (and optionally the ACME webserver) after dropping
root privileges. For certificate issuances, it also generates Certificate
Signing Requests, then verifies the validity of the issued certificate, and
optionally reloads or restarts services.
.
* An actual ACME client, which builds ACME commands and dialogues with
the remote ACME server. Since ACME commands need to be signed with the
account key, the "master" process passes the UNIX-domain socket of the
account key manager to the ACME client: data signatures are requested by
writing the data to be signed to the socket.
.
* For certificate issuances, an optional webserver, which is spawned
by the "master" process when no service is listening on the HTTP port.
(The only challenge type currently supported is "http-01", which requires a
webserver to answer challenges.) That webserver only processes GET and
HEAD requests under the "/.well-known/acme-challenge/" URI. iptables(8)
rules can optionally be installed to temporarily open the HTTP port.
.
lacme-accountd is the first (account key manager) component. It is the only
component with access to the account key.
Description-md5: 43841cd6e20515c161e6aa7d19ef9210