Topic: Which Linux distribution would you use now? (Read 777 times)

I mean something even older such as Windows XP (EOL on 2014) where i see some people claim they can't use internet properly due to SSL/TLS problem.

Yeah, that is what I have been using since day 1. Windows 10 LTSC Enterprise version 1809. It works pretty well, gets updated, and has never added anything in terms of bloatware, so im good. Im not sure for how long does this get you covered before they force you to update to Windows 11. I think it was 10 years, so arround 2028 I'll have to update to whatever is the next best thing that's lightweight and long term supported.

Windows Server 2008R2 is pretty old, it went EOL back in 2020. Browsers are not always up to date on older OSs. I've seen Chrome and Firefox failing to update because new version is not supported by old OS.

Perhaps,
1. OS you used isn't that old.
2. There's background application which regularly obtain new trusted certificate.
3. The browser remain up to date even though it's on old OS.

No critical vulnerabilities is impossible, although no hacker target that server sounds plausible.

Talking about Windows, are you aware of LTSC version which has less bloat and longer support?

Yes, official repos may go down after some time. But like in case of Centos 6 there are some archive or even 3rd party repos you can continue using.

I'm mostly using systems with no GUI but I'm yet to see an OS which can't connect to the internet because it's too old. Until recently I was running a Windows 2008R2 machine which was complaining all the time and the browser stopped updating but you could connect anyway.

Yeah, that, and also security-wise. Firewall keeps working, kernel has no critical vulnerabilities. Ar least they weren't exploited. Of course, I wouldn't run something connected with finance, payment processing, health, military or some other sensitive data on such a machine.

Aside from security, you might face unexpected behavior after long time it receive last update. For example,

• Repository or website which host software for your OS no longer exist.
• Some application cannot use internet connection properly due to certificate problem.

What exactly do you mean by rock solid? Rarely crash?

I'm not sure why everyone is so obsessed with updates. Many would say it's not safe to keep using OS without getting regular updates,

but I've seen lots of machines running something ancient like Centos 5 for example and yet they're rock solid. Don't fix it if ain't broken they say.

For my Windows computer I was using Windows 7 until the very last day and I hope to do the same with Windows 10.

I'm not sure why everyone is so obsessed with updates. Many would say it's not safe to keep using OS without getting regular updates, but I've seen lots of machines running something ancient like Centos 5 for example and yet they're rock solid. Don't fix it if ain't broken they say. Reinstalling from scratch every 5 or even 3 years doesn't seem reasonable to me. Just my 2c.

I have been running the same distro for years and now im basically forced to wipe the install and start from scratch because they stopped rolling updates. I was using Elementary OS version 5 and as you can see the Ubuntu release it's based on doesn't do updates anymore.

elementary OS Version    Released    Ubuntu Release    Ubuntu Maintenance Updates
0.4 Loki                            Sep 9, 2016    16.04 LTS    April 2021
5 Juno                            Oct 16, 2018    18.04 LTS    April 2023
5.1 Hera                            Dec 3, 2019    18.04 LTS    April 2023
6 Odin                            Aug 10, 2021    20.04 LTS    April 2025
6.1 Jólnir                            Dec 20, 2021    20.04 LTS    April 2025
7.0 Horus                            Jan 31, 2023    22.04 LTS    April 2027

I want to ask what people here are using. I want something that is easy to install that has full disk encryption features during the install on the GUI. And basically something without privacy unfriendly bloatware (like Ubuntu).

I would also like something that doesn't force you to wipe your stuff and start from scratch every 2 or 3 years.

I was looking at n0nce's guide on OpenSUSE. I have never tried that one. Not sure if meets the criteria but having a guide is really nice and would save a lot of time. But there's not much documentation in regards to Bitcoin, most of it is Ubuntu or Debian based. Someone commented this:


So I would rather use something more common. I want to be able to search for stuff and find answers.

mocacinno has a guide for CentOS, but it hasn't been update in 3 years so probably there's some stuff that changed.

Does anyone maintain any other guides for different distros? Im interested in mostly a Bitcoin Core node to form transaction in a desktop install, and a watch-only wallet to broadcast them and check funds, and do this through Tor with a laptop.

There has to be a simple OS that just works. But I guess im going to need to go with Ubuntu based ones so that will require full updates every 2 or 3 years when LTS versions run out of updates. And since I use full disk encryption im going to need to reinstall the whole think backing up the wallets and resync. I guess I can do that every few years. In that case I would try the new ElementaryOS but I would like to know what people hereare using, please let me know so I decide what to install.

Isn't Qubes OS more suited if you want to virtualize everything?

That works very well too

Isn't Qubes OS more suited if you want to virtualize everything?

Look for an LTS version, they are supported for 10 years usually after being released. In case you are using a bit old laptop, look for a lighter distro like XUbuntu to make the best out of your resources.

You could also "virtualize" the different tasks that you do by merely using a distro like Linux Mint as your base OS + VirtualBox. The base OS should NOT be used for anything else except to run your VMs to avoid it getting infected with malware and being exploited.

Linux Mint is probably good as a base OS + use Lubuntu for your VMs.

Whonix only runs as a Virtual Machine.  There is no way you can INSTALL it as a stand alone Operating System.

There are two ways of running Whonix.  Qubes or Virtual Machine.  Qubes is kind of hard to get accustomed to if you are not a fan of new UI and if you are unprepared a new, overhauled experience with a Linux distribution.  I like Qubes because it gives you many options.  You create what they call 'Domains' which are pretty much Virtual Machines.  You can create a Windows 'Domain' with no Internet connection.  All Domains are separated.  They do not interfere.  Any USB you insert has to be assigned to Domains you want it to be assigned to.  Any thing you do is pretty much happening in separate Virtual Machines and Qubes is just an offline desktop to manage them.  Think of it as running multiple computers all on the same monitor.

Best part of it is that the main management desktop known as dom0 is offline while you can run online Domains.  With this being said.  If a Domain is hacked it is almost impossible for the virus or hacker to get to dom0 let alone another Domain.  It is overkill like you say however.  Unless you truly care about top notch Security.

Like I said however.  It is hard to get accustomed to it.  You will have to do a lot of documentation.  Reading their install documentation is very important too.  You will learn a ton of important things about keeping high levels of Privacy and Security while running Qubes.

Qubes offers full disk encryption in the Install GUI and is extremely Privacy friendly.  It has pretty big system requirements however.  There is an exhaustive list of computers tested with it.  Maybe it is helpful to you.  https://www.qubes-os.org/hcl/

Now that I wrote this all I realize I sound like a walking Qubes advertising billboard!

-----

Tails is fun and all but because of its amnesic properties it is not a great Operating System for daily use.  It was not meant to be a daily driver or to be used occasionally with Persistent Storage anyway.  So I do not recomment doing a Persistent installation of Tails.  What I like about it is the amnesic property of it.  But this makes it only a great temporary Operating System.  It is perfect if you need to quickly boot up Tails for an Internet search.

In some cases Tails is more secure and can offer more Privacy than Qubes can.  But for your needs this might not be it.  Would not recommend any body to run a Full Node on Tails.  Defeats the purpose of Tails and probably builds loop holes too weakening the Security you should have.

-----

Since you are looking at some Debian distros.  Why do you not just install the blank version of Debian?  Download and install only the first CD file from https://www.debian.org/CD/http-ftp/.  That will install the most stripped version of Debian.  Last time I checked, the stripped version of Debian is 100 percent Open Source.  Then you can install any non free driver or package you like by downloading it from https://www.debian.org/distrib/packages.  This is the most hard core way you can go if you do not trust any thing and any body.

What I like about Debian is pretty much ANY issue you will ever encounter with Debian will be about one or two quick searches away.  There is an entire community for this distro.  It is Debian after all.

Warning.  This means you will encounter a lot of problems you will have to fix by yourself one by one until you can get to run the things you need properly.

You will probably not even have Wi Fi drivers after installing the first CD.  Probably will not need that if you are using Ethernet any way.  You can look up drivers for any thing that does not work.  I doubt you will not find a way.  Internet is your friend.

But there is a bit of work to do if you want to keep it as clean as possible and this is the best way to do it.  Who needs display driver which is proprietary.  Who needs Bluetooth adapter.  Who needs all that B S.  I like it raw.

There are many other distributions but I would not trust them.  Fewer contributors and users means more loopholes.  Tails, Qubes and Debian are pretty much Top 3 for people who do not trust their computer and Operating System much.  Ubuntu is probably the most popular distribution across the Linux community but even Ubuntu is based on Debian.  Why run something that has been built on top of Debian when you can run Debian itself.

Other Privacy oriented distributions are more focused on Security than Privacy it seems.  Kali and such.

-----

Or give them all a try.  See which you like most.  Maybe you fall in love with one and keep it.

There will never be such thing as PERFECT Security.  There will always be gaps.

I tend to believe Linux offers better Security than Windows only if the user continues the same behavior they had when they had Windows installed.  Browsing the same pages.  The same websites.  Downloading from the same sources.

If your behavior changes from typical Windows user to paranoid Linux user then you are going to visit more Privacy oriented websites.  You will download from more Privacy oriented sources.  You will change your behavior.  I would say for the better.  But on the other hand there will be more Linux targeting viruses on such websites than if you search for things the usual user of Windows would.  As a consequence you are going to probably have about the same Security you had on Windows.

Also remember there is a Terminal we are supposed to use.  This gives us control but it is pointless to think of it as more secure if the user has no idea what they are writing into it.  Installing DEB files from unknown sources or with out verifying their legitimacy beforehand.  Downloading packages from the Internet instead of using the Terminal for this purpose.  Installing 'App Stores'.  Modifying and doing things as SU.  There are many ways some body could mess up badly even with the 'safest' Distro.

I would argue it is a steep learning curve but also a steep way to more Security.  The more you learn, the less likely an attack.  Any body who has never used Linux before.  If you want to separate from Windows and move to it, go ahead.  But I really do recommend you first experiment with it.  Get some old laptop and start messing with Linux.  See what is good or bad to do.  Learn.  When you are ready and feel safe to move permanently, go.

Suse is knows as a secure distro, you would not believe how many flags pop up if you run the stig profile trough openscap on a plain vanilla installation... It took me ages to close most of the "gaps", but it's allmost impossible to get a perfect score. Next to this, security vulnerability's are found (and patched) on a daily basis, there ARE virusses targetting linux distro's... And then there's the PICNIC problem, every piece of software has config you CAN (and probably will) mess up, sometimes resulting in a (small) attack vector.

And when it comes to partitions, im just going to select it to automatically make whatever partitions are needed, will this encrypt the /home and /swap partitions? I just want to make sure that full disk encryption is applied, but I don't want to screw around with manually doing things. So during the wizard I enter the encryption LVM setting and enter a password, it does encrypt the whole thing?

According to this, only the sda5_crypt volume is encrypted? what about the swap one?

I don't recall Debian has default DE since you need to chose the DE either when choosing ISO or during installation. Is that no longer true?

While I currently use kubuntu for my daily driver, I wouldn't use it for a web server or anything that I was concerned about leaking data to third parties.

For Bitcoin and secure crypto transactions, I would look into Manjaro or any Arch distribution powerful enough to handle the necessary software.