This article provides an overview of changes in RHEL 9 since RHEL 8 to help you evaluate an upgrade to RHEL 9.
RHEL 9 does not contain the legacy network scripts
RHEL 9 does not contain the?network-scripts?package that provided the deprecated legacy network scripts in RHEL 8. To configure network connections in RHEL 9, use NetworkManager. For details, see the?Configuring and managing networking?documentation.
?
NetworkManager stores new network configurations in a key file format
Previously, NetworkManager stored new network configurations to?/etc/sysconfig/network-scripts/?in the?ifcfg?format. Starting with RHEL 9.0, RHEL stores new network configurations at?/etc/NetworkManager/system-connections/?in a key file format. The connections for which the configurations are stored to?/etc/sysconfig/network-scripts/?in the old format still work uninterrupted. Modifications in existing profiles continue updating the older files.
Network teams are deprecated
The?teamd?service and the?libteam?library are deprecated in Red Hat Enterprise Linux 9 and will be removed in the next major release. As a replacement, configure a bond instead of a network team.
Red Hat focuses its efforts on kernel-based bonding to avoid maintaining two features, bonds and teams, that have similar functions. The bonding code has a high customer adoption, is robust, and has an active community development. As a result, the bonding code receives enhancements and updates.
For details about how to migrate a team to a bond, see?Migrating a network team configuration to network bond.
virt-who?now uses?/etc/virt-who.conf?for global options instead of?/etc/sysconfig/virt-who
In RHEL 9, the global options for the?virt-who?utility on your system are stored in the?/etc/virt-who.conf?file. Therefore, the?/etc/sysconfig/virt-who?file is not being used any more, and has been removed.
Support for disabling SELinux through?/etc/selinux/config?has been removed
With this release, support for disabling SELinux through the?SELINUX=disabled?option in the?/etc/selinux/config?file has been removed from the kernel. When you disable SELinux only through?/etc/selinux/config, the system starts with SELinux enabled but with no policy loaded.
The?dump?utility from the?dump?package has been removed
The?dump?utility used for backup of file systems has been deprecated in Red Hat Enterprise Linux 8 and is not available in RHEL 9.
In RHEL 9, Red Hat recommends using the?tar, or?dd?as a backup tool for ext2, ext3, and ext4 file systems. The?dump?utility will be a part of the EPEL 9 repository.
Note that the?restore?utility from the?dump?package remains available and supported in RHEL 9 and is available as the?restore?package.
?
OpenSSH root password login disabled by default
The default configuration of OpenSSH in RHEL 9 disallows users to log in as?root?with a password to prevent attackers from gaining access through brute-force attacks on passwords.
?
SCP not supported in RHEL 9
The secure copy protocol (SCP) protocol is no longer supported because it is difficult to secure. It has already caused security issues, for example?CVE-2020-15778. In RHEL 9, SCP is replaced by the SSH File Transfer Protocol (SFTP) by default.
Caution
By default, SSH cannot connect from RHEL 9 systems to older systems (for example, RHEL 6) or from older systems to RHEL 9. This is because the cryptographic algorithms used in older versions are now considered insecure. If your scenario requires connecting with older systems, you can either use the ECDSA and ECDH algorithms as keys on the legacy system or use the legacy cryptographic policy on the RHEL 9 system. For additional details, see the solutions?SSH from RHEL 9 to RHEL 6 systems does not work?and?Failed connection with SSH servers and clients that do not support the ‘server-sig-algs’ extension.
Source: https://shorturl.at/kowLS
