ubuntu-advantage <command> [parameters]
This tool is used to enable or disable specific Ubuntu Advantage offer-
ings from Canonical. The available modules and their commands are
described below. It must be run with root privileges.
status Show the status of Ubuntu Advantage offerings.
ESM (Extended Security Maintenance)
Ubuntu Extended Security Maintenance archive. See
https://ubuntu.com/esm for more information.
Enable the ESM repository. The token argument must be in the
Disable the ESM repository.
Livepatch (Canonical Livepatch Service)
Managed live kernel patching. For more information, visit
Enable the Livepatch service. The token can be obtained by vis-
Disable the Livepatch service. If the -r option is given, the
canonical-livepatch snap will be removed after the sevice is
FIPS (Canonical FIPS 140-2 certified modules)
Install, Configure, and Enable FIPS 140-2 certified modules.
Enable the FIPS PPA repository, install the FIPS modules, con-
figure the bootloader and enable fips on the system. After suc-
cessfully executing the ubuntu-advantage script to enable fips,
the system MUST be rebooted to complete the enablement process.
Failing to reboot will result in the system not being fips
enabled. The token argument must be in the form "user:pass-
The following FIPS certified modules will be installed and put
in fips mode; openssh-server, openssh-client, strongswan,
openssl, and the kernel cryptoapi.
5 Current kernel is too old to support Snaps (required for the
6 It was determined that FIPS has already been installed.
If apt commands run by the tool fail, the exit status from apt is
28 April 2017 UBUNTU-ADVANTAGE(1)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2018
All Rights Reserved.