Rocky Linux 10.2 is now available, and this feels like a much bigger release than a typical point update. Sure, there are the usual bug fixes and refinements you would expect from an enterprise Linux distribution, but there is also a surprising amount of meaningful change packed into this release.
The biggest story here is probably post-quantum cryptography. Rocky Linux continues pushing hard in that direction, and version 10.2 expands support in a big way. OpenSSH now supports ML-KEM hybrid key exchange in FIPS mode, libssh adds hybrid post-quantum methods, and Podman now supports post-quantum image signatures through Sequoia-PGP.
If you are a Linux administrator, however, there is one very important warning buried in the release notes. Rocky Linux says the FUTURE crypto policy now removes traditional non post-quantum key exchange methods entirely. In other words, if you enable it, many systems across today’s internet simply will not connect properly. That is not a bug either. It is intentional.
I have to admit, it is fascinating to watch enterprise Linux distributions begin preparing for a future where quantum-resistant encryption is no longer optional.
Desktop Linux users will probably notice another major change immediately. Firefox and Thunderbird are now delivered primarily as Flatpaks. If you install Rocky Linux 10.2 with a graphical environment, the installer automatically pulls in the Flatpak versions by default.
Thankfully, the traditional RPM packages are still available in AppStream, because not everybody is going to love this decision. Some Linux folks appreciate Flatpak for sandboxing and easier updates, while others still prefer native packages whenever possible. Either way, it is becoming increasingly clear that Flatpak is no longer just a side project in the Linux ecosystem.
Developers also get a healthy batch of updated software. Rocky Linux 10.2 includes Python 3.14, PHP 8.4, Node.js 24, Ruby 4.0, PostgreSQL 18, OpenJDK 25, and GCC 14.3. That should make the distribution far more appealing for modern workloads compared to the stale toolchains enterprise Linux distributions sometimes become known for.
There are some nice kernel and hardware improvements too. Wi-Fi 7 support is included, io_uring arrives as a tech preview, and both Intel and AMD performance analysis tools receive upgrades. The io_uring addition is especially notable because it can reduce syscall overhead for storage and networking workloads.
Container and virtualization users are getting plenty of attention as well. Podman 5.8.2 adds automatic BoltDB-to-SQLite migration ahead of Podman 6.0, along with improved quadlet management and better reboot persistence behavior. QEMU gains native Forced Unit Access I/O support too, which should help certain database workloads inside virtual machines.
One change I actually appreciate is the increase in the default /boot partition size. Rocky Linux now allocates 2GB instead of 1GB by default. That may sound minor, but oversized initramfs files have been annoying Linux users for years, so this feels like a practical improvement.
There are a few workflow-breaking changes administrators should know about too. Typing “vi” no longer launches full Vim automatically when vim-enhanced is installed. Instead, it always launches the minimal editor unless you explicitly run “vim.” Longtime Linux users are almost certainly going to stumble over that one at least once.
Overall, Rocky Linux 10.2 looks like a very strong release. More importantly, it continues showing that Rocky Linux is evolving beyond simply being “the free RHEL clone.” Between post-quantum cryptography work, container tooling improvements, cloud features, virtualization enhancements, and modern developer packages, Rocky Linux increasingly feels like a serious enterprise Linux platform with its own direction and identity.
