Keeping your computer and personal information safe from security threats is one of the most important aspects of computing today. This guide aims to help you achieve a higher level of security. Pay particular attention to the following subsections:
Security updates are very important. They are the best defense you have against the people who want to harm your computer, and you should install them immediately. When a security update is released, hackers already know how to abuse computers that are not up-to-date. In the worst case scenario, they use automated programs to search for victims to hack within a few hours.
Automatic security updates are enabled by default in Xubuntu. If you want to change the settings for the automatic updates, go to the Updates tab under → → and change the settings to your liking.
If you disable automatic updates, you are lowering the security level of your computer. When automatic updates are turned off, it is essential to remember to upgrade manually and often.
If you use an Internet connection with limited bandwidth and do not want to use automatic updates, remember to update every time you have access to an unlimited connection.
Using strong and unique passwords for important and sensitive accounts helps prevent unauthorized access to your personal information, identity theft and direct financial losses. Consider the following scenario:
Alice uses identical passwords for mytrustedbank.com and insecureblog.com
insecureblog is hacked and Alice’s information and password are stolen
Hackers can now access Alice’s bank account and steal her money
Password reuse can turn into a disaster. You should take care to use unique and strong passwords for the following services:
Email accounts. Email accounts can be used to reset all your other passwords via the “Forgotten password” links found on all websites.
Key stores and password managers. It is worth having a good password for those services, since they allow you to avoid typing many other passwords!
Accounts related to banking, including PayPal and other payment sites. If someone can access these, they can steal your money.
The strength of a password depends on how hard it is for an attacker to guess it. Attackers use special programs that can make millions of guesses per second, so weak passwords don’t stand a chance.
Some passwords (like monkey, password, test, 123456) are extremely common. If you use those common passwords, your accounts will be hacked easily. However, adding capital letters, numbers or symbols is often not enough to turn a weak password into a strong one. This is because people reliably pick the same additional symbols and numbers (for instance, monkey1 is more common than mo5nkey, and also more common than monkey hoover).
It is better to choose a longer secret, such as a pass phrase (for example correct horse stable battery), than a secret that is both hard to remember and easy to crack. Consider using a series of common words which you can easily remember. Do not pick words that people around you would naturally associate with you (for instance, you should not pick poker related words if you play poker every day).
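The following script is an added example, not part of the Xubuntu documentation. It goes one step beyond the advice above by letting the computer pick the common words at random, and it reports how large the attacker's search space is. The word list file is an assumption: any file with one word per line works, for instance /usr/share/dict/words where that file is installed.

```shell
#!/bin/sh
# Added example (not from the Xubuntu documentation): build a pass phrase
# from randomly chosen common words and estimate how hard it is to guess.

# clean_words FILE: plain lowercase words of 3 to 8 letters, no duplicates.
clean_words() {
    LC_ALL=C grep -E '^[a-z]{3,8}$' "$1" | LC_ALL=C sort -u
}

# make_passphrase COUNT FILE: print COUNT words picked at random from FILE.
make_passphrase() {
    list=$(mktemp) || return 1
    clean_words "$2" > "$list"
    total=$(wc -l < "$list")
    phrase=""
    i=0
    while [ "$i" -lt "$1" ] && [ "$total" -gt 0 ]; do
        # Four bytes from the kernel's random source, read as one number.
        # The modulo bias is negligible for lists far smaller than 2^32.
        r=$(od -An -N4 -tu4 /dev/urandom | tr -d ' ')
        phrase="$phrase $(sed -n "$(( r % total + 1 ))p" "$list")"
        i=$(( i + 1 ))
    done
    rm -f "$list"
    echo "${phrase# }"
}

# entropy_bits COUNT FILE: COUNT * log2(usable words), the size of the
# search space for an attacker who knows both the list and the method.
entropy_bits() {
    clean_words "$2" | wc -l |
        awk -v n="$1" '{ printf "%.1f\n", n * log($1) / log(2) }'
}

# Stand-alone use: sh passphrase.sh /path/to/wordlist
if [ $# -ge 1 ]; then
    make_passphrase 4 "$1"
    echo "about $(entropy_bits 4 "$1") bits"
fi
```

Each extra word adds the same number of bits, so a longer phrase from the same list is always harder to guess than a shorter one.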
While using the same password for multiple accounts is not encouraged, everybody ends up doing this, even security experts. There is no definitive agreement among security researchers on how to reduce the risk of reusing passwords, but you should consider the following:
Separate your professional password from your personal passwords.
Avoid mixing passwords between websites where attackers can damage your reputation and low-value websites.
Use a password you're willing to lose for sites you do not trust.
Do not "waste" passwords on websites you connect to once a year. Make up a random password and use the "forgotten password" feature next time.
You don’t need to change your passwords every other day. In many cases, if an attacker could steal your password, they will be able to steal it again in the future.
If you do need to change your password, you must pick one that is actually different from the previous one. For example, monkey5 is not an acceptable substitute for monkey4, and it will be easily guessed by an attacker who already stole your previous password!
To change your password, follow the steps below:
Open → →
Click your username in the list
Click Change... next to the Password label
First, enter your Current password
Now you can either
Generate a random password by selecting Generate random password and clicking
Choose your new password yourself by typing it in the New password and Confirmation fields
Finally, click
to confirm the password change
Although Xubuntu can be set to log in automatically at startup, automatic login is strongly discouraged, as it makes your system less secure. Use automatic login only if you can trust everyone who has access to your computer.
Websites like haveibeenpwned.com can tell you if your email address or username appears amongst databases of stolen passwords. It is a good idea to check it every other month. Besides, you may occasionally hear about a service you use in the news, or get an email from a service provider informing you that they have been hacked. When you are confident that a password has been compromised, you should:
identify all the services where you used that password
change your password on all those services
verify the recent activity on the concerned accounts (watch out for money transfers; also, email services often keep a log of your recent connections with IP addresses and locations)
Never reveal your password to a third-party website. The website above is OK to use because it asks for an email address, which is relatively public information. It does not ask for a password. Websites that ask for your password will most likely misuse it.
Password managers are a very convenient way of using many unique passwords without having to remember them all!
There are several password managers available in the Ubuntu Software Center, including KeePassX and Pasaffe.
Some password managers, like KeePassX, can synchronise your passwords across devices, including Windows or OS X computers. You should be aware of a few limitations if you decide to use a password manager:
Online password managers can be hacked too. Do not store your email or bank passwords in a password manager.
Use a memorable password to unlock your password manager! If you lose that password, you could end up losing access to all your accounts (another good reason not to store emails in your password manager).
Proprietary password managers should not be trusted. Nobody knows what they do with your passwords.
You may need to use some accounts from your friends or family’s devices. For those accounts, you can tell your password manager to use a specific and memorable password instead of a random password.
If you keep the above advice in mind, password managers can be a great way to stay more secure, more easily!
Install applications from the repository whenever possible.
When running a script found on a troubleshooting or support website or given to you on IRC, take a moment to look at it, or ask a third party to confirm what the script does. Be especially wary of scripts that require root access, as they could compromise other users' accounts.
Web browser extensions are a popular mechanism among hackers for harming users. They are especially relevant to Linux, since they are compatible with all platforms. Malicious extensions could steal your passwords, monitor your activity online for advertising, abuse your social media accounts or steal your money.
You can take measures to limit the risks you expose yourself to:
Never install an extension that is not distributed by your browser vendor
On Firefox, use a separate user profile for sensitive activities like banking and e-shopping. Firefox user profiles do not share extensions (see Use the Profile Manager to create and remove Firefox profiles).
On Chrome and other browsers, use the Incognito mode for sensitive activities like banking and e-shopping. Incognito mode disables extensions.
Do not open email attachments from people that you don’t know, or if you think the content of the email is incoherent or suspicious (for example invoices coming from people you have never heard of).
Do not reply to spam. This will inform spammers that your email address is active, and it will incite them to send you more spam.
If you run public-facing Internet services, or are not on a NAT, you should consider using a firewall. Most home users are not concerned by this measure.
Understand that firewalls are not very useful in their default settings. You should consider what you want to achieve and configure the firewall accordingly. Firewalls can protect you against denial of service attacks, limit access to a service to specific IP addresses or inspect and reject suspicious packets. However, they cannot protect you against unknown or emerging threats, and they do not replace the need to install security updates.
A problem you may occasionally run into is the unexpected loss of your work and settings for one reason or another. The causes of such data loss are many and varied, ranging from a power outage to accidentally deleting a file. It is highly recommended that you make regular backup copies of your important files, so that if you do run into a problem you will not have lost them.
It is wise to keep backup copies separate from your computer; in other words, you should have some form of file storage that is not permanently attached to your computer. Options include writable CDs and DVDs, external hard disks, USB sticks and other networked computers.
A simple way of backing up your files is to manually copy them to a safe location (see above) by using the File Browser as well as the Archive Manager which lets you compress files and pack them together. Alternatively, you can use a dedicated backup application.
General advice on keeping good backups:
Back up at regular intervals
Always test your backups after making them, to make sure the backup succeeded
Label your backups clearly and keep them in a safe place
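For those who prefer the terminal to the File Browser and Archive Manager, the script below is an added example (not part of the Xubuntu documentation) of the routine just described: it makes a dated, clearly named archive and then tests it with a checksum and a trial restore. The function names and the archive naming scheme are choices made for this example.

```shell
#!/bin/sh
# Added example: back up a folder to a dated archive and test the result.

# make_backup SOURCE_DIR DEST_DIR: create the archive, print its path.
make_backup() {
    src=$1
    dest=$2
    name="backup-$(basename "$src")-$(date +%Y%m%d-%H%M%S).tar.gz"
    tar -czf "$dest/$name" -C "$(dirname "$src")" "$(basename "$src")" || return 1
    # Store a checksum beside the archive so later damage can be detected.
    ( cd "$dest" && sha256sum "$name" > "$name.sha256" ) || return 1
    echo "$dest/$name"
}

# test_backup ARCHIVE SOURCE_DIR: succeed only if the archive still matches
# its checksum and a trial restore is identical to the source folder.
test_backup() {
    archive=$1
    src=$2
    ( cd "$(dirname "$archive")" &&
        sha256sum -c "$(basename "$archive").sha256" > /dev/null 2>&1 ) || return 1
    scratch=$(mktemp -d) || return 1
    tar -xzf "$archive" -C "$scratch" 2> /dev/null &&
        diff -r "$src" "$scratch/$(basename "$src")" > /dev/null
    status=$?
    rm -rf "$scratch"
    return "$status"
}

# Stand-alone use: sh backup.sh ~/Documents /media/usb-stick
if [ $# -eq 2 ]; then
    made=$(make_backup "$1" "$2") && test_backup "$made" "$1" &&
        echo "Backup verified: $made"
fi
```

Run the test right after making the backup, before the source folder changes, because the trial restore is compared with the current contents of the folder.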
Several backup applications are available in the Ubuntu Software Center, including Déjà Dup and luckyBackup.
If you use online backup services like Dropbox, it is a good idea to first encrypt your documents and upload an encrypted archive. This will prevent the online services staff from accessing your documents.
Backups can also be an effective protection against ransomware, which encrypts your data and will only decrypt it if you pay the developers. To stay clear of ransomware, avoid installing applications from unknown sources. For more information, see ”Do not run scripts or install applications from unknown sources”.
Full disk encryption is a good measure to protect your computer's content should it get stolen. You should consider it if, for instance, your job involves valuable Intellectual Property or executive responsibilities. Remember that full disk encryption will not protect you if you do not shut down your computer when you are not using it.
The easiest way to enable full disk encryption is to do it during the installation.
You can also create encrypted volumes using dedicated software, for example LUKS. Encrypted volumes can contain arbitrary data of any length. You can mount them like you would insert a USB key when you need to access their content, and keep them closed the rest of the time. Describing the process to do this is outside the scope of this documentation, but there are numerous tutorials online.
When Xubuntu is installed, it is set up for a single person to use. If more than one person will use the computer, it is best to create a separate user account for each of them. To read more about adding users, see ”Users and Groups”.
Locking your screen prevents other people from accessing your computer while you are away from it. All your applications and work remain open while your screen is locked.
To lock the screen, press Ctrl+Alt+Delete or click → .
To unlock the screen, move the mouse or press any key. Then enter your password and either press Enter or click the button.
If more than one person has a user account on your computer and the screen is locked, other users can click the arrow button to the right of the user name, select their name from the list and enter their password to use the computer even while the screen is locked. They will not be able to see the work you have open. You can return to your locked session when they have finished using the computer.