Ubuntu Server SSH Configuration and Package Management

SSH Configuration File: Simplifying Server Access

Why Use an SSH Config File?

The SSH configuration file eliminates the need to remember complex login commands, multiple IP addresses, usernames, and key file paths. Instead, you can use simple aliases to connect to your servers.

The Traditional SSH Login Method

Without a configuration file, logging into a server using SSH key authentication requires a lengthy command:

ssh -i /path/to/private/key username@server_ip_address

This approach becomes problematic when managing multiple servers. You must remember:

Different IP addresses for each server
Various usernames across servers
Multiple private key file names and locations

The Solution: SSH Config File

With a properly configured SSH config file, you can simplify your login to:

ssh alias_name

Login Comparison Diagram

Without Config
ssh -i ~/.ssh/mykey
[email protected]

→

With Config
ssh myserver

Creating the SSH Config File

Important: The config file is created locally on your PC or Mac, not on the server. Ensure you are NOT logged into your server before proceeding.

Step 1: Navigate to your home directory and create the config file

cd ~
nano ~/.ssh/config

SSH Config File Variables

Host The alias name you want to use for the server (e.g., "myserver", "240")

HostName The server's IP address or domain name

User Your non-root username on the server

IdentityFile The local path to your private SSH key

ServerAliveInterval Time in seconds before SSH sends a keepalive message (recommended: 60)

ServerAliveCountMax Maximum number of keepalive messages to send (recommended: 120)

Example Configuration: Single Server

                    Host 240
HostName 192.168.1.100
User andrew
IdentityFile ~/.ssh/my_private_key
ServerAliveInterval 60
ServerAliveCountMax 120
                

Example Configuration: Multiple Servers

                    Host 240
HostName 192.168.1.100
User andrew
IdentityFile ~/.ssh/my_private_key
ServerAliveInterval 60
ServerAliveCountMax 120

Host uk
HostName 203.0.113.50
User admin
IdentityFile ~/.ssh/uk_server_key
ServerAliveInterval 60
ServerAliveCountMax 120

Host production
HostName 198.51.100.75
User webmaster
IdentityFile ~/.ssh/prod_key
ServerAliveInterval 60
ServerAliveCountMax 120
                

Connecting to Your Server:
After creating the config file, you can connect using: ssh 240
You'll only need to enter your private key passphrase, and you're connected!

Understanding ServerAlive Settings

Connection Keepalive Process

60 seconds
No data received

→

SSH sends
keepalive message

→

Repeat up to
120 times

→

Prevents
disconnection

These settings prevent automatic disconnection after periods of inactivity

Ubuntu Package Management with APT

Critical Security Notice: Keeping your server packages up to date is essential for security, stability, and performance. Regular updates protect against vulnerabilities and bugs.

Understanding APT Commands

Package management in Ubuntu is performed using the APT (Advanced Package Tool) package manager. All package management commands require administrative privileges, so they must be prefixed with sudo.

Command	Purpose	What It Does
`sudo apt update`	Refresh package list	Downloads the latest package information from repositories. Does NOT install or upgrade packages.
`sudo apt upgrade`	Install updates	Installs newer versions of currently installed packages. Must run 'update' first.
`sudo apt autoremove`	Clean up	Removes unnecessary packages that are no longer needed as dependencies.

The Proper Update Sequence

Package Update Workflow

Step 1
sudo apt update

→

Step 2
sudo apt upgrade

→

Step 3
sudo apt autoremove

Step-by-Step Update Process

Step 1: Update the Package List

sudo apt update

Example output: "34 packages can be upgraded"

Step 2: Upgrade Packages

sudo apt upgrade

The system will show you:

Which packages will be installed
Which packages will be upgraded
How much disk space will be used
A prompt asking: "Do you want to continue? [Y/n]"

Never interrupt the upgrade process! Interrupting can leave your system in an inconsistent state and potentially cause serious issues.

Step 3: Remove Obsolete Packages

sudo apt autoremove

Handling Configuration File Prompts

Extremely Important: During upgrades, you may be prompted to overwrite existing configuration files.

Question: "Configuration file '/etc/example/config', keep the local version currently installed?"

Best Practice Answer: N (No)

Why? Answering "Y" (Yes) will overwrite your custom configurations with default settings, losing all your customizations. Always answer "N" (No) to preserve your existing configuration.

Understanding "Kept Back" Updates

What does "updates kept back" mean?

If you see a message about updates being "kept back," this is usually due to:

Dependency Issues: The update conflicts with current package versions
Phased Rollouts: Ubuntu releases some updates gradually to detect issues early

Action Required: Do NOT force these updates. They will be automatically resolved over time.

Kernel Updates and Rebooting

After certain high-level updates (especially kernel updates), you'll see a notification:

                        *** System restart required ***
Currently running kernel version is not the expected kernel version.
Restarting the system to load the new kernel will not be handled automatically.
                    

When to Reboot:

After the first time running updates on a new server (recommended)
When explicitly notified that a system restart is required
After kernel updates

sudo reboot

Wait a few minutes for the server to restart, then log back in.

Best Practices for Package Management

Recommended Update Schedule:

Run the complete update sequence at least 3 times per week
Always run in order: update → upgrade → autoremove
Never interrupt the upgrade process
Always answer "N" to configuration file overwrite prompts
Reboot when notified after kernel updates
Don't force "kept back" updates

Complete Update Example

                    # Step 1: Update package list
sudo apt update

# Step 2: Upgrade packages
sudo apt upgrade

# Step 3: Remove obsolete packages
sudo apt autoremove

# Step 4: Reboot if necessary (first time or after kernel update)
sudo reboot
                

Monthly Update Timeline Example

Week 1: Monday, Wednesday, Friday - Run full update sequence

Week 2: Monday, Wednesday, Friday - Run full update sequence

Week 3: Monday, Wednesday, Friday - Run full update sequence

Week 4: Monday, Wednesday, Friday - Run full update sequence

Quick Reference Summary

SSH Config File Template

                        Host your_alias
HostName your_server_ip
User your_username
IdentityFile ~/.ssh/your_private_key
ServerAliveInterval 60
ServerAliveCountMax 120
                    

Essential Update Commands

                        sudo apt update
sudo apt upgrade
sudo apt autoremove
sudo reboot  # (if required)
                    

Critical Reminders

Keep your server updated 3+ times weekly
Never interrupt package upgrades
Always preserve existing config files (answer "N")
Use SSH config for simplified, secure access
Reboot after significant updates when prompted