Ubuntu Server 20.04 LTS: stability, security and more
Tags: LTS , Release , Security , Ubuntu , Ubuntu Server
Ubuntu Server 20.04 LTS (long-term support) is here with enterprise-class stability, resiliency and even better security. As an LTS release, it will be supported by Canonical until 2025. However, customers can extend security updates by an additional five years through the ESM (Extended Security Maintenance) service as part of their UA-I (Ubuntu Advantage for Infrastructure) subscription. All of that makes Ubuntu Server 20.04 LTS one of the most stable and secure Linux distributions, perfectly suitable for production deployments across public clouds, data centres and the edge.
In this blog, I will walk you through new features that have been introduced as part of the 20.04 LTS release. These include updates to the Ubuntu Server Live Installer, new Ubuntu Server Guide, Ubuntu Pro images and more. We will also be covering what’s new in Ubuntu Server 20.04 LTS in a webinar on April 29th for which you can register now.
Up to ten years of security
One of the biggest advantages of Ubuntu Server 20.04 LTS is the stability that it brings. This comes from up to ten years of security provided under the UA-I subscription. Being an LTS release, Ubuntu Server 20.04 comes with five years of support by default. However, the ESM service extends security updates for an additional five years. This results in a super stable platform for both infrastructure and applications deployment that is optimised for enterprise needs.
Ubuntu Server Live Installer – automatic updates
Ubuntu Server Live Installer will now provide an option to automatically update itself every time it boots. This will provide users with immediate access to new features, bug fixes and security patches available in the installer without the need to wait for the official point releases and using newer versions of the installer. After booting on a computer with access to the Internet, the installer will check and notify users if there is a newer version available. Users will have an option to either update the installer or skip the update. If they choose to update, the installer will update itself and the installation session will be resumed once the update is finished.
SSH two-factor authentication
Historically, SSH used to use single-factor authentication and the actual authentication mechanism was based on passwords or keys. This can pose a security risk in case of the leakage of secrets or if the system was compromised. Starting with Ubuntu Server 20.04 LTS, SSH will support hardware-based two-factor authentication which minimises the impact of secrets leakage and improves the security level provided by SSH. On systems with two-factor authentication enabled, users will have to use either a physical device or authenticator app when establishing an SSH session. This will prove that the session is being established from the computer on which the keys were generated.
WireGuard® is an innovative VPN technology with modern cryptography defaults and streamlined usability. By running as a module in the kernel space, it provides performance advantages and a high level of security. WireGuard is included in 20.04 LTS and will be backported to Ubuntu 18.04 LTS to support widespread enterprise adoption.
More resilient bootloader
Previous versions of the Ubuntu installer allowed writing the bootloader to a single disk only. This was resulting in the bootloader being a single point of failure in systems with multiple disks attached. The latest version of the Ubuntu installer allows writing the bootloader to multiple disks, ensuring the resiliency of Ubuntu Server at the bootloader level.
Ubuntu Pro images for public clouds
Ubuntu Pro is a premium image designed by Canonical to provide the most comprehensive feature set for production environments running in public clouds. It is based on standard Ubuntu Server cloud images but provides access to additional features, such as security certifications and hardening and the Kernel Livepatch service. Ubuntu Pro images are already available for previous Ubuntu LTS versions back to 14.04 LTS and Ubuntu 20.04 LTS Pro images will be made available shortly after release.
Other notable changes in Ubuntu Server 20.04 LTS
In addition to the features described above, Ubuntu Server 20.04 LTS includes many other improvements. Here is a summary of the most notable changes:
- Support for all major architectures: x64-64, ARM v7, ARM64, POWER 8, POWER 9, IBM s390x (LinuxONE) and introduces initial support for RISC-V.
- Updates to various applications: QEMU (v4.2), libvirt (v6.0), PHP (v7.4), Ruby (v2.7), GCC (v9.3), Python (v3.8), MySQL (v8.0) and NGINX (v1.17).
- Based on a new long-term Linux kernel – 5.4 – for the latest hardware support and security updates.
- Support for the latest version of the IMDS (instance metadata service) – IMDSv2 – on AWS.
- Improved support for IPv6 on Microsoft Azure.
- AppArmor 3 for an even more secure system.
- New Ubuntu Server Guide.
Ubuntu Server 20.04 LTS was officially released on April, 23rd. You can download it from our website. Just try it and explore the new features coming with the release of 20.04 LTS.
To join the ‘Ubuntu Server 20.04 LTS: What’s new?’ webinar, register here.
To learn more about Ubuntu Server 20.04 LTS, visit our website.
If you’d like to learn more on commercial support for Ubuntu Server, get in touch with Canonical.