It’s been three years since Red Hat launched RHEL 9, and now the enterprise Linux giant is back with a major new release: Red Hat Enterprise Linux 10, powered by Linux kernel 6.12.
If you’re running infrastructure at scale, especially in the cloud, this release is packed with forward-looking features worth your attention.
But let’s set expectations right up front: RHEL 10 is not aimed at weekend tinkerers or desktop hobbyists. This is business-grade Linux, laser-focused on cloud performance, security, and enterprise workflows.
Still curious? Let’s walk through what’s new—and why it matters.
Table of Contents
💡 Lightspeed: AI Meets the Command Line
What it is: Lightspeed is an AI assistant built directly into the RHEL terminal. It answers natural language questions like, “Why did my SSH session fail?” and provides actionable solutions.
Background: Traditionally, troubleshooting in Linux has required experience and a lot of Googling—or a Red Hat support subscription. Lightspeed bridges that gap by combining LLM technology with Red Hat’s support knowledge base, turning the command line into a smarter, self-service interface.
Why it matters: As IT teams scale and face skill gaps, an AI-powered assistant helps reduce downtime, democratize troubleshooting, and speed up onboarding for newer sysadmins.
🔐 Post-Quantum Cryptography & FIPS Compliance
What it is: RHEL 10 is the first enterprise Linux distro to include post-quantum crypto algorithms aligned with FIPS (Federal Information Processing Standards) compliance.
Background: Quantum computing threatens to break today’s cryptographic algorithms in the future. In response, NIST has been standardizing quantum-safe cryptography. Red Hat is ahead of the curve by integrating this into RHEL 10.
Why it matters: Highly regulated industries—finance, healthcare, government—need future-proof security. RHEL 10 gives them a head start on quantum readiness, without waiting for a crisis to hit.
See also: Mastering the Linux Command Line — Your Complete Free Training Guide
🔐 TLS & SSH Updates for Modern Threats
What it is: TLS now uses GnuTLS 3.8.9, which fully validates all OCSP responses and enforces a minimum 2048-bit RSA key size. SSH has been updated to OpenSSH 9.9, improving host-key permission enforcement and aligning with upstream best practices.
Background: Certificate-based communication is the backbone of secure networking. By tightening cryptographic enforcement and eliminating outdated defaults, Red Hat is hardening the platform against emerging threats.
Why it matters: These updates reduce the risk of misconfigured or weak encryption, ensuring RHEL stays compliant with modern security baselines—especially in FIPS-mode deployments.
🔥 Firewall & PolicyKit Enhancements
What it is: RHEL 10 ships with nftables 1.1.1, offering JSON support, VLAN matching (including Q-in-Q), and improved rate-limiting. The polkit daemon, which handles user permissions, has also been upgraded to version 125.
Background: nftables has been replacing iptables as the default firewall manager in modern Linux. Meanwhile, polkit helps manage non-root user access without giving away full privileges.
Why it matters: These changes boost network performance, simplify automation, and provide granular security control—vital for complex multi-tenant and cloud-native environments.
🌐 Predictable Network Interface Naming (Finally)
What it is: Gone are the days of eth0 and eth1. RHEL 10 fully embraces predictable interface names (like ens3 or ens192) and removes support for legacy naming.
Background: Introduced by systemd in 2015, predictable naming prevents confusion when hardware ordering changes. It’s especially helpful in cloud VMs and multi-NIC setups, where interface order can change between boots.
Why it matters: Fewer surprises during provisioning. Consistent naming leads to cleaner automation, better network scripts, and less human error.
👩💻 Anaconda Gives Admin Privileges by Default
What it is: When you create a new user in the RHEL 10 graphical installer (Anaconda), they get admin privileges by default—unless you manually uncheck it.
Background: Previously, users had to manually opt into admin rights during setup, which was easy to forget and annoying to correct later.
Why it matters: This change simplifies setup workflows for new systems, especially in cloud environments or labs. But it also means admins need to double-check user roles for secure production deployments.
🔐 Kickstart Adds Zero Trust Features
What it is: Kickstart (RHEL’s automation tool for unattended installs) now supports CA certificate injection and encrypted DNS setup during provisioning.
Background: Traditionally, securing your network setup during installation required lots of manual steps. This update builds security into the provisioning flow—aligned with Zero Trust Architecture guidelines.
Why it matters: Teams deploying hundreds of servers can now automate secure installs from Day 1—no more unsecured DNS lookups or manual cert distribution.
🖥️ GNOME 47 & RDP Replace VNC
What it is: RHEL 10 includes GNOME 47 and now uses the Remote Desktop Protocol (RDP) instead of VNC for graphical access.
Background: VNC is decades old and not encrypted by default. RDP, originally from the Windows world, is now cross-platform, encrypted, and more performant.
Why it matters: Secure, fast remote access to Linux desktops is now possible—even over untrusted networks—without requiring SSH tunnels or third-party tools.
🧱 Advanced Partitioning in Image Builder
What it is: Image Builder now supports custom partitions, LVM, and tailored swap sizes, letting admins create precisely tuned disk images.
Background: Before, creating specialized cloud or VM images often required manual tweaking. Now it’s automated.
Why it matters: This gives DevOps teams more flexibility to pre-build images that meet specific performance, security, or compliance requirements—before deployment.
🚀 UEFI & Secure Boot on AWS by Default
What it is: RHEL 10 public cloud images now boot with UEFI and Secure Boot by default, and they drop the separate /boot partition.
Background: Secure Boot ensures only signed OS code runs at startup, helping prevent rootkits. Dropping /boot simplifies system updates and disk space management.
Why it matters: This change boosts startup security and reduces maintenance complexity, especially for teams deploying at scale across cloud providers.
📦 Unified Container Image Mode
What it is: RHEL 10 introduces a new container-native image mode that lets you manage the OS and app stack together.
Background: In traditional container setups, you had to separately update the OS and your app layer. Now, you can treat the whole image as a single unit.
Why it matters: Simplifies patching, rollback, and deployment in CI/CD pipelines—especially useful in regulated or high-uptime environments.
📚 Smarter Package Management
What it is: DNF now skips file list downloads by default, and uses librpmio for PGP verification. The RPM database has also moved to /usr for better snapshot/rollback support.
Background: Managing Linux packages can be slow and error-prone. These backend changes streamline and standardize updates across the platform.
Why it matters: Speeds up provisioning and updates. Aligns RHEL with systems like Fedora Silverblue and CoreOS, which rely on atomic updates and rollback safety.
💻 Updated Dev Stack: Python 3.12, Node.js 22 & More
What it is: RHEL 10 ships with a modern dev toolkit:
- Python 3.12 (faster and safer)
- Perl 5.40, Ruby 3.3.7
- Node.js 22, GCC 14.2
- PostgreSQL 16, MySQL 8.4, MariaDB 10.11
Background: Developers want modern language support—without having to compile it themselves or rely on third-party repos.
Why it matters: You get an up-to-date, secure, enterprise-ready development stack out of the box. Great for both app developers and platform engineers.
🔮 Looking Ahead: New Add-Ons and Architectures
RHEL 10 also opens the door to some exciting long-term changes:
- Security Select Add-On: Let customers request patches for specific CVEs, instead of waiting on full updates.
- Cloud-Optimized Images: Available from day one on AWS, Azure, and Google Cloud.
- Extension Marketplace: Discover curated, signed tools like Podman Desktop.
- AI Hardware Support: Builds optimized for GPU and AI workloads.
- RISC-V Developer Preview: Early access to open hardware via SiFive’s HiFive P550 board.
📥 Try RHEL 10 Today
RHEL 10 is available now via the Red Hat Customer Portal. If you’re part of the Red Hat Developer Program, you can test-drive it for free—complete with tutorials, sample workloads, and SDKs.
Production use still requires a subscription, but the barrier to exploring RHEL has never been lower.
If you’re serious about building or running Linux in the cloud, RHEL 10 is a compelling next step.
