What’s New in Rocky Linux 9? Key Security, Network, and Desktop Enhancements Explained

Overview

Rocky Linux, launched in 2021 by Gregory Kurtzer, the co‑founder of CentOS, quickly became a popular RHEL clone. Rocky Linux 9 differentiates itself with the open‑source Peridot build system, enabling the community to create, build, and manage the distribution entirely.

Security Enhancements

SHA‑1 message digests are deprecated due to security concerns.

OpenSSL upgraded to version 3.0.1, adding provider concepts, new version‑control, improved HTTP(S) client, and support for new protocols, formats, and algorithms.

OpenSSH updated to 8.7p1, replacing SCP/RCP with SFTP for more predictable file‑name handling.

SELinux performance, memory overhead, and load time are significantly improved.

Rocky Linux 9 can automatically configure PCI‑DSS, HIPAA, DISA, and other compliance settings via the Anaconda installer.

New Network Features

MultiPath TCP can be configured with mptcpd instead of iproute2.

NetworkManager now stores new connection profiles in keyfiles by default, while still supporting ifcfg files.

Legacy iptables‑nft, ipset, and related utilities are deprecated in favor of the nftables framework.

The old network‑scripts package has been removed; NetworkManager is the primary tool for network configuration.

Desktop Environment

Rocky Linux 9 ships with GNOME 40 as the default desktop. The redesigned core applications, settings, and user interface make the system more user‑friendly, and the Activities overview offers a smoother experience for launching applications and managing workspaces.

File System Improvements

XFS now supports Direct Access (DAX) operations, enabling direct byte‑addressable access to persistent memory and reducing latency.

NFS introduces the "eager write" mount option to further lower latency.

Conclusion

Metrics from Fedora’s Extra Packages for Enterprise Linux (EPEL) show Rocky Linux’s rapid adoption, surpassing CentOS Stream, AlmaLinux, and even RHEL among EPEL users, highlighting its growing popularity in the enterprise Linux ecosystem.