Red Hat Enterprise Linux 9 Released with Security Enhancements

Red Hat Enterprise Linux 9 Released with Security Enhancements

Red Hat Enterprise Linux (RHEL) 9 is available and delivers exciting new features and many more improvements. Here’s what is new!

Red Hat is the most well-known name in the Linux world when it comes to enterprise solutions. Many companies’ production operating systems begin and end with Red Hat Enterprise Linux. So it’s no surprise that every new release causes a comprehensive response in IT business circles.

Quite a few things further make Red Hat Enterprise Linux 9 an even more exciting release.

Above all, this is the first Red Hat Enterprise Linux release built on CentOS Stream, allowing developers to contribute to and test the code before release. Furthermore, it is the first major release since IBM’s acquisition of Red Hat in July 2019.

So, enough factors further sharpen our interest in what the new release of this enterprise-focused Linux distribution offers. But let’s now move on to the more exciting things to note in the recently released new version 9.

Red Hat Enterprise Linux (RHEL) 9 Highlights

Red Hat Enterprise Linux 9 comes with Linux kernel 5.14. If you use it with a desktop environment, you get GNOME 40, which runs on Wayland by default and the availability of the Pipewire audio server.

Red Hat Enterprise Linux 9 Default GNOME 40 Desktop

However, in our opinion, when we are talking about enterprise distribution with the scale of Red Hat, the desktop environment is hardly the thing that interests businesses the most.

Although we pay close attention to this aspect in other distributions, the focus here is in a different direction. Therefore, we will concentrate on the other more essential highlights in the release.

Security

As in previous versions, security remains one of the trademarks of this distribution, and Red Hat Enterprise Linux 9 is no exception. In addition, the company’s engineers have paid particular attention to many related components.

We start with the fact that in RHEL 9, the SHA-1 message digest for cryptographic purposes has been deprecated. Because of numerous known successful attacks based on identifying hash collisions, the digest produced by SHA-1 is not considered secure.

So, by default, the RHEL core crypto components no longer generate signatures using SHA-1.

OpenSSL 3.0.1 is now available, including a provider concept, a new versioning method, an enhanced HTTP(S) client, support for additional protocols, formats, algorithms, and many other enhancements.

On top of that, OpenSSH is distributed in version 8.7p1, which has numerous advancements, bug fixes, and security improvements over version 8.0p1, which is included with RHEL 8.5. Furthermore, RHEL 9 prohibits users from logging in as root via SSH with a password to avoid brute force attacks on passwords.

Apart from those mentioned above, SELinux performance has been improved, including the time it takes to load SELinux policy into the kernel, memory overhead, and other parameters.

Finally, all fans of the widely popular WireGuard VPN solution have a reason to rejoice with this release. The WireGuard VPN technology is currently available as an unsupported Technology Preview.

Virtualization

In Red Hat Enterprise Linux 9, the popular Virtual Machine Manager, often known as virt-manager, has been deprecated. The RHEL web console, commonly known as Cockpit, is set to replace it in a future edition.

As a result, it is advised that you use the online portal to manage virtualization through a graphical user interface. However, it should be noted that some virt-manager functions may not yet be available through the RHEL online portal.

And speaking of the Cockpit web-based GUI console, we can not fail to mention that there is an added Diagnostic Reports area that allows you to collect system configuration and diagnostic information to aid in diagnosing system problems.

The report will be prepared and presented with the press of a button, allowing you to gain valuable insights into what’s causing your server’s performance to suffer.

Moreover, users can utilize smart card authentication to access remote hosts via the web console (sudo, SSH, etc.).

Continuing with the virtualization, we note that the Clang compiler is now used to build the QEMU emulator. This allows the Red Hat Enterprise Linux 9 KVM hypervisor to take advantage of enhanced security and debugging features.

In addition, it is important to mention that in RHEL 9, internal virtual machine snapshots are no longer supported due to their lack of optimization and stability. External snapshots are preferred instead.

Easy Kernel Live Patching

Another key highlight of this release is the availability of applying kernel security patches without reboot in the web console.

We all know that downtime is one of the worst things that can happen to you when it comes to production business systems. Of course, till now, you can use the Red Hat Enterprise Linux kernel live patching solution to patch a running kernel without rebooting or restarting any processes.

But the Red Hat engineers have made it easier than ever in Red Hat Enterprise Linux 9 to apply kernel patches using the web console. So, you can now use the web console’s power and simplicity to apply live kernel updates.

Application Updates

One of the things that most interest developers and system administrators using Linux is the version of the various development libraries and servers.

Red Hat Enterprise Linux 9 users will not be disappointed because they will find plenty of application updates, including Node.js 16, Perl 5.32, PHP 8.0, Python 3.9, Ruby 3.0, Git 2.31, Subversion 1.14, Apache 2.4.51, Nginx 1.20, Varnish Cache 6.6, Squid 5.2, MariaDB 10.5, MySQL 8.0, PostgreSQL 13, Redis 6.2, LLVM Toolset 13.0.1, Rust Toolset 1.58.1, Go Toolset 1.17.7, GCC 11.2.1, Grafana 7.5.11, Maven 3.6, and Ant 1.10.

Bottom Line

RHEL 9 is currently available for four architectures:

  • AMD and Intel 64-bit architectures (x86-64-v2)
  • The 64-bit ARM architecture (ARMv8.0-A)
  • IBM Power Systems, Little Endian (POWER9)
  • 64-bit IBM Z (z14)

Our initial tests impressed us with the possibilities Red Hat Enterprise Linux 9 offers.

Red Hat Enterprise Linux 9 Installer

Of course, although being intended for businesses, Red Hat Enterprise Linux may be legally and freely installed and used by any Linux enthusiast. To see how you can take advantage of this great opportunity, we highly recommend our detailed guide, “How to Install RHEL 8: A Complete Step-by-Step Guide.”

And very finally, we will finish with the clarification that it is now possible to perform an in-place upgrade from RHEL 7 to RHEL 9. Of course, first, you can perform an in-place upgrade from RHEL 7 to RHEL 8 and then perform a second in-place upgrade to RHEL 9.

For detailed information about all changes in Red Hat Enterprise Linux 9, you can refer to the release notes.

Leave a Reply

Your email address will not be published.