It’s been three years since Red Hat launched RHEL 9, and now the enterprise Linux giant is back with a major new release: Red Hat Enterprise Linux 10, powered by Linux kernel 6.12.
If you’re running infrastructure at scale, especially in the cloud, this release is packed with forward-looking features worth your attention.
But let’s set expectations right up front: RHEL 10 is not aimed at weekend tinkerers or desktop hobbyists. This is business-grade Linux, laser-focused on cloud performance, security, and enterprise workflows.
Still curious? Let’s walk through what’s new—and why it matters.
Get Your Free Linux training!
Join our free Linux training and discover the power of open-source technology. Enhance your skills and boost your career! Start Learning Linux today - Free!Table of Contents
💡 Lightspeed: AI Meets the Command Line
What it is: Lightspeed is an AI assistant built directly into the RHEL terminal. It answers natural language questions like, “Why did my SSH session fail?” and provides actionable solutions.
Background: Traditionally, troubleshooting in Linux has required experience and a lot of Googling—or a Red Hat support subscription. Lightspeed bridges that gap by combining LLM technology with Red Hat’s support knowledge base, turning the command line into a smarter, self-service interface.
Why it matters: As IT teams scale and face skill gaps, an AI-powered assistant helps reduce downtime, democratize troubleshooting, and speed up onboarding for newer sysadmins.
🔐 Post-Quantum Cryptography & FIPS Compliance
What it is: RHEL 10 is the first enterprise Linux distro to include post-quantum crypto algorithms aligned with FIPS (Federal Information Processing Standards) compliance.
Background: Quantum computing threatens to break today’s cryptographic algorithms in the future. In response, NIST has been standardizing quantum-safe cryptography. Red Hat is ahead of the curve by integrating this into RHEL 10.
Why it matters: Highly regulated industries—finance, healthcare, government—need future-proof security. RHEL 10 gives them a head start on quantum readiness, without waiting for a crisis to hit.
🔐 TLS & SSH Updates for Modern Threats
What it is: TLS now uses GnuTLS 3.8.9, which fully validates all OCSP responses and enforces a minimum 2048-bit RSA key size. SSH has been updated to OpenSSH 9.9, improving host-key permission enforcement and aligning with upstream best practices.
Background: Certificate-based communication is the backbone of secure networking. By tightening cryptographic enforcement and eliminating outdated defaults, Red Hat is hardening the platform against emerging threats.
Why it matters: These updates reduce the risk of misconfigured or weak encryption, ensuring RHEL stays compliant with modern security baselines—especially in FIPS-mode deployments.
🔥 Firewall & PolicyKit Enhancements
What it is: RHEL 10 ships with nftables 1.1.1, offering JSON support, VLAN matching (including Q-in-Q), and improved rate-limiting. The polkit daemon, which handles user permissions, has also been upgraded to version 125.
Background: nftables has been replacing iptables as the default firewall manager in modern Linux. Meanwhile, polkit helps manage non-root user access without giving away full privileges.
Why it matters: These changes boost network performance, simplify automation, and provide granular security control—vital for complex multi-tenant and cloud-native environments.
🌐 Predictable Network Interface Naming (Finally)
What it is: Gone are the days of eth0 and eth1. RHEL 10 fully embraces predictable interface names (like ens3 or ens192) and removes support for legacy naming.
Background: Introduced by systemd in 2015, predictable naming prevents confusion when hardware ordering changes. It’s especially helpful in cloud VMs and multi-NIC setups, where interface order can change between boots.
Why it matters: Fewer surprises during provisioning. Consistent naming leads to cleaner automation, better network scripts, and less human error.
👩💻 Anaconda Gives Admin Privileges by Default
What it is: When you create a new user in the RHEL 10 graphical installer (Anaconda), they get admin privileges by default—unless you manually uncheck it.
Background: Previously, users had to manually opt into admin rights during setup, which was easy to forget and annoying to correct later.
Why it matters: This change simplifies setup workflows for new systems, especially in cloud environments or labs. But it also means admins need to double-check user roles for secure production deployments.
🔐 Kickstart Adds Zero Trust Features
What it is: Kickstart (RHEL’s automation tool for unattended installs) now supports CA certificate injection and encrypted DNS setup during provisioning.
Background: Traditionally, securing your network setup during installation required lots of manual steps. This update builds security into the provisioning flow—aligned with Zero Trust Architecture guidelines.
Why it matters: Teams deploying hundreds of servers can now automate secure installs from Day 1—no more unsecured DNS lookups or manual cert distribution.
🖥️ GNOME 47 & RDP Replace VNC
What it is: RHEL 10 includes GNOME 47 and now uses the Remote Desktop Protocol (RDP) instead of VNC for graphical access.
Background: VNC is decades old and not encrypted by default. RDP, originally from the Windows world, is now cross-platform, encrypted, and more performant.
Why it matters: Secure, fast remote access to Linux desktops is now possible—even over untrusted networks—without requiring SSH tunnels or third-party tools.
🧱 Advanced Partitioning in Image Builder
What it is: Image Builder now supports custom partitions, LVM, and tailored swap sizes, letting admins create precisely tuned disk images.
Background: Before, creating specialized cloud or VM images often required manual tweaking. Now it’s automated.
Why it matters: This gives DevOps teams more flexibility to pre-build images that meet specific performance, security, or compliance requirements—before deployment.
🚀 UEFI & Secure Boot on AWS by Default
What it is: RHEL 10 public cloud images now boot with UEFI and Secure Boot by default, and they drop the separate /boot partition.
Background: Secure Boot ensures only signed OS code runs at startup, helping prevent rootkits. Dropping /boot simplifies system updates and disk space management.
Why it matters: This change boosts startup security and reduces maintenance complexity, especially for teams deploying at scale across cloud providers.
📦 Unified Container Image Mode
What it is: RHEL 10 introduces a new container-native image mode that lets you manage the OS and app stack together.
Background: In traditional container setups, you had to separately update the OS and your app layer. Now, you can treat the whole image as a single unit.
Why it matters: Simplifies patching, rollback, and deployment in CI/CD pipelines—especially useful in regulated or high-uptime environments.
📚 Smarter Package Management
What it is: DNF now skips file list downloads by default, and uses librpmio for PGP verification. The RPM database has also moved to /usr for better snapshot/rollback support.
Background: Managing Linux packages can be slow and error-prone. These backend changes streamline and standardize updates across the platform.
Why it matters: Speeds up provisioning and updates. Aligns RHEL with systems like Fedora Silverblue and CoreOS, which rely on atomic updates and rollback safety.
💻 Updated Dev Stack: Python 3.12, Node.js 22 & More
What it is: RHEL 10 ships with a modern dev toolkit:
- Python 3.12 (faster and safer)
- Perl 5.40, Ruby 3.3.7
- Node.js 22, GCC 14.2
- PostgreSQL 16, MySQL 8.4, MariaDB 10.11
Background: Developers want modern language support—without having to compile it themselves or rely on third-party repos.
Why it matters: You get an up-to-date, secure, enterprise-ready development stack out of the box. Great for both app developers and platform engineers.
🔮 Looking Ahead: New Add-Ons and Architectures
RHEL 10 also opens the door to some exciting long-term changes:
- Security Select Add-On: Let customers request patches for specific CVEs, instead of waiting on full updates.
- Cloud-Optimized Images: Available from day one on AWS, Azure, and Google Cloud.
- Extension Marketplace: Discover curated, signed tools like Podman Desktop.
- AI Hardware Support: Builds optimized for GPU and AI workloads.
- RISC-V Developer Preview: Early access to open hardware via SiFive’s HiFive P550 board.
📥 Try RHEL 10 Today
RHEL 10 is available now via the Red Hat Customer Portal. If you’re part of the Red Hat Developer Program, you can test-drive it for free—complete with tutorials, sample workloads, and SDKs.
Production use still requires a subscription, but the barrier to exploring RHEL has never been lower.
If you’re serious about building or running Linux in the cloud, RHEL 10 is a compelling next step.