Tutorials VPS

How to update Ubuntu on a VPS

Jun 22, 2026

/

Alma

/

6 min Read

How to update Ubuntu on a VPS
Summarize with:
ChatGPT Claude.ai Google AI Grok Perplexity
Share:

Learning how to update Ubuntu on a VPS is one of the first steps after setting up your server. Updates patch security holes, fix software bugs, and keep your packages compatible with the latest libraries. Servers that fall behind are easier targets for attackers and more likely to break when you install new software.

To update Ubuntu, you’ll run a few apt commands through the terminal. You can also set up automatic security updates so patches apply even when you’re not logged in.

Updating packages is different from upgrading to a new Ubuntu release (like moving from 22.04 to 24.04). A release upgrade replaces system-level files and is a separate process.

You’ll need SSH or terminal access to your server to run these commands.

Here are the commands in order. On a production server, create a snapshot or backup before running apt upgrade.

sudo apt update
apt list --upgradable
sudo apt upgrade
sudo apt autoremove
cat /var/run/reboot-required
sudo reboot

1. Connect to your Ubuntu server

Connect to your Ubuntu server by running the ssh command from a terminal on your local computer:

ssh username@your_server_ip

Replace username with your actual user (often root on a fresh server) and your_server_ip with the server’s IP address.

Hostinger users can find their VPS IP address and login details in hPanel under the VPS section. From there, connect using Terminal on macOS and Linux, Windows Terminal or PuTTY on Windows, or any other SSH client.

If this is your first time working with a remote server, set up a VPS before starting the update process. A few basic SSH commands, such as ls, cd, and pwd, will help you navigate the server.

For a more secure login, you can set up SSH keys instead of using a password every time.

2. Check your current Ubuntu version

Use lsb_release -a or hostnamectl to check which Ubuntu version your server is running before you start updating.

lsb_release -a

This prints the distributor, description, release number, and codename. The Release line shows your version number, like 24.04, and Codename shows the name, like noble.

You can also use:

hostnamectl

The Operating System line in the output confirms your Ubuntu version and shows the kernel version and system architecture.

Knowing your version matters because some packages and updates are specific to each release. If neither command works on your system, you can check your Ubuntu version using other tools, such as /etc/os-release.

3. Refresh the package list

sudo apt update refreshes your server’s local list of available packages from Ubuntu’s repositories:

sudo apt update

This command does not install anything. It only downloads the latest package information so your server knows what can be upgraded and where to get it.

At the end of the output, a line like 8 packages can be upgraded tells you updates are ready. If it says All packages are up to date, there’s nothing to install.

Run this command before every upgrade. Without a fresh list, apt upgrade may skip updates or try to download versions that no longer exist.

4. Check available package upgrades

apt list --upgradable shows every package that has a newer version available:

apt list --upgradable

The output lists each package name, its current version, and the version it will upgrade to. If you don’t recognize most of the names, that’s normal. Most are system libraries or background dependencies.

On a production VPS, check this list before upgrading so you know whether a database, web server, or language runtime is about to change.

If you want to skip a specific package for now, hold it with sudo apt-mark hold package_name and upgrade the rest.

Pro Tip

Create a snapshot or backup before upgrading, especially on a production server. If an update causes problems, a snapshot gives you a faster recovery path than troubleshooting live. Hostinger users can create a VPS snapshot from hPanel.

5. Upgrade installed packages

sudo apt upgrade installs all available package updates on your Ubuntu server:

sudo apt upgrade

APT shows a summary of what it plans to change. Type Y and press Enter to confirm.

This command installs newer versions of your current packages. It adds new dependencies if a package needs them, but it won’t remove anything already installed.

Some running services (like Nginx or MySQL) may restart automatically after their packages update. On a production server, plan upgrades during low-traffic hours.

If an update needs to remove a package to solve a dependency conflict, apt upgrade skips it. This often happens during kernel or major library updates. For those situations, use:

sudo apt full-upgrade

Warning! full-upgrade can remove packages to solve dependency problems. Review the summary carefully before confirming, and check that APT isn't removing something you rely on.

6. Remove unused packages

sudo apt autoremove deletes packages that were installed as dependencies but are no longer needed:

sudo apt autoremove

After upgrades, old dependency versions (like outdated kernel images or replaced library packages) often stay behind. autoremove finds and removes them.

7. Reboot the VPS if required

Check whether your server needs a reboot by looking for the file /var/run/reboot-required:

cat /var/run/reboot-required

If the file exists, the output reads *** System restart required ***. If nothing prints, no reboot is needed. Kernel and system library updates are the most common reason this file appears.

This file is created by post-install hooks in certain packages. On minimal or custom Ubuntu images, the hooks may not be present, so a reboot could still be needed even when the file doesn’t appear. If you just updated the kernel, reboot regardless.

To see which packages triggered the reboot notice:

cat /var/run/reboot-required.pkgs

When you’re ready, reboot with:

sudo reboot

Your SSH session will disconnect. Wait a minute or two, then reconnect.

Important! Save any work and let your team know before rebooting a production VPS. Running services stop during the restart, so plan reboots during a maintenance window.

8. Confirm Ubuntu is updated

Verify that your server is fully updated by running sudo apt update again and checking for leftover upgrades:

sudo apt update
apt list --upgradable

apt list --upgradable should return nothing below the Listing… Done line. That means all available packages are current.

To confirm the kernel version after a reboot:

uname -r

The version number should match the latest kernel that was installed. You can also re-run lsb_release -a to verify your Ubuntu release. Package updates don’t change the release number. Only do-release-upgrade moves you to a new Ubuntu version like 24.04 or 26.04.

How to enable automatic security updates on Ubuntu

Install the unattended-upgrades package to apply security patches automatically between manual update sessions.

Many Ubuntu Server installs already have it. Check by running:

dpkg -s unattended-upgrades | grep Status

If the output shows install ok installed, the package is already there. If not, install it:

sudo apt install unattended-upgrades

Then enable it:

sudo dpkg-reconfigure unattended-upgrades

A prompt asks whether to automatically download and install stable updates. Select Yes.

This creates the settings file at /etc/apt/apt.conf.d/20auto-upgrades, which tells APT to check for and apply security updates daily. By default, only packages from Ubuntu’s -security repository are included.

To change what gets updated, block specific packages, or set automatic reboot rules, edit /etc/apt/apt.conf.d/50unattended-upgrades.

Automatic updates don’t replace manual check-ins. Log in regularly to check for pending reboots, failed updates in /var/log/unattended-upgrades/, and whether your services are running as expected.

Common Ubuntu update errors

Most update problems come down to five issues: locked package files, interrupted updates, broken dependencies, missing repositories, and package configuration prompts.

Locked APT process. You see an error like Could not get lock /var/lib/dpkg/lock-frontend. This means another package manager process is still running. Check what’s using the lock:

sudo lsof /var/lib/dpkg/lock-frontend

Wait for the existing process to finish. If the process crashed and left a stale lock, remove it only after confirming nothing is running:

sudo rm /var/lib/dpkg/lock-frontend
sudo dpkg --configure -a

Interrupted update. An SSH drop or power loss mid-update can leave packages half-installed. Fix it with:

sudo dpkg --configure -a

This finishes setting up any packages that were left in a broken state.

Broken dependencies. When packages need other packages that aren’t installed, run:

sudo apt --fix-broken install

APT downloads the missing packages and reconfigures everything so the dependencies match.

Missing repository. If apt update shows errors about a repository it can’t reach, check your sources list in /etc/apt/sources.list and the files in /etc/apt/sources.list.d/. Remove or fix any entries pointing to repositories that no longer exist.

Package configuration prompts. Sometimes an update asks whether to keep your current config file or replace it with the package’s new version. On a VPS where you’ve customized config files, choose to keep the local version unless you know the new file is needed.

If you’re new to the terminal, brushing up on common Linux commands like grep, cat, and ps can speed up troubleshooting.

Keep your Ubuntu VPS secure after updating

Updating packages is one way to keep a VPS safe. A maintenance routine also covers SSH security, firewalls, monitoring, and backups.

Start by locking down SSH access. Disable root login, change the default SSH port, and switch to key-based login. Applying VPS security best practices alongside regular updates closes the most common attack paths.

Next, configure a firewall on Ubuntu using UFW (Uncomplicated Firewall) to control which traffic reaches your server. UFW is built into Ubuntu and can be set up with just a few commands.

Set a weekly schedule: update packages, check for pending reboots, review firewall rules, and test your backups. Writing it down keeps things consistent.

If you’re on Hostinger VPS hosting, you already have DDoS protection and snapshot support built in, so your maintenance routine has a safety net from the start.

"Hostinger

All of the tutorial content on this website is subject to Hostinger's rigorous editorial standards and values.

Author
The author

Alma Rhenz Fernando

Alma is an AI Content Editor with 9+ years of experience helping ideas take shape across SEO, marketing, and content. She loves working with words, structure, and strategy to make content both useful and enjoyable to read. Off the clock, she can be found gaming, drawing, or diving into her latest D&D adventure.

More from Alma Rhenz Fernando

Related tutorials

Top 10 Ruby on Rails alternatives: Key features and pricing

15 Jun • VPS

Top 10 Ruby on Rails alternatives: Key features and pricing

Ruby on Rails is a strong way to build web apps, APIs, SaaS products, and internal tools. It’s a convention-based framework built on the...

By Alma Rhenz Fernando

Docker best practices for building and running containers

11 Jun • VPS

Docker best practices for building and running containers

Docker best practices are guidelines for building, running, and maintaining containers securely and efficiently. Docker packages applications and...

By Ksenija Drobac Ristovic

10 Gemma 4 use case examples for 2026

09 Jun • VPS

10 Gemma 4 use case examples for 2026

Gemma 4 is a family of open-weight AI models from Google DeepMind built for on-device assistants, coding agents, document analysis, multilingual...

By Bruno Santana

What our customers say

Trustpilot