 |  |  |
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
linux:distros [2012/08/25 14:02] rim |
linux:distros [2023/02/15 12:46] (current) |
||
|---|---|---|---|
| Line 4: | Line 4: | ||
| What I use for server systems is [[http://fedoraproject.org/|Fedora]]. It's highly secure, generally very up-to-date, and fairly bullet-proof. On the other hand, [[https://sc.snu.ac.kr/sclab/doku.php?id=resource:fedora16|it isn't always the easiest distribution to maintain]]. But it's what I would recommend if you are maintaining servers. But I would also recommend | What I use for server systems is [[http://fedoraproject.org/|Fedora]]. It's highly secure, generally very up-to-date, and fairly bullet-proof. On the other hand, [[https://sc.snu.ac.kr/sclab/doku.php?id=resource:fedora16|it isn't always the easiest distribution to maintain]]. But it's what I would recommend if you are maintaining servers. But I would also recommend | ||
| - | * Substituting lxde as the desktop manager instead of gnome, because gnome 3 seems to me to be largely non-functional for typical server architectures | + | * [[http://spins.fedoraproject.org/lxde/|Substituting lxde]] as the desktop manager instead of gnome, because gnome 3 in my experience is currently largely non-functional for typical server architectures |
| - | * Using yum directly and turning of PackageKit (because unfortunately, screw-ups in rpm maintenance seem to be fairly frequent with Fedora, and they're tough to fix from PackageKit) | + | * Using yum directly and turning off PackageKit (because unfortunately, screw-ups in rpm maintenance seem to be fairly frequent with Fedora, and they're tough to fix from PackageKit) |
| - | * If you want a secure system, ignore all the advice on the net to turn off selinux: selinux is your friend. Learn to work with it, not fight it - especially if you are exposed on the net with a fixed IP address | + | * Turning off the 'rhgb' and 'quiet' boot kernel options so that you get to see what's happening during boot, rather than a pretty screen that leaves you completely at sea if anything goes wrong |
| + | * If you want a secure system, ignore all the advice on the net to turn off selinux: selinux is your friend. Learn to work with it, not fight it - especially if you are exposed on the net with a fixed IP address; and read the Fedora pages on system security hardening | ||
| I mainly use Fedora for desktop systems because I have to be familiar with it, so using it for desktops as well makes sense for me. However if I only had desktops, I would probably use [[http://www.ubuntu.com/|Ubuntu]] instead (I keep a couple of Ubuntu systems - this being one - and they seem to require much less maintenance than Fedora). For personal systems, the decision whether to use selinux on ubuntu is more complex - you're trading off convenience for security. But if you're going to use your machine to access financial accounts, I'd turn on selinux (an even safer choice is to boot a system from a liveCD, and use it only for financial transactions - because it's read-only, even if you did pick up an infection in one session, it's guaranteed to be wiped again for the next). | I mainly use Fedora for desktop systems because I have to be familiar with it, so using it for desktops as well makes sense for me. However if I only had desktops, I would probably use [[http://www.ubuntu.com/|Ubuntu]] instead (I keep a couple of Ubuntu systems - this being one - and they seem to require much less maintenance than Fedora). For personal systems, the decision whether to use selinux on ubuntu is more complex - you're trading off convenience for security. But if you're going to use your machine to access financial accounts, I'd turn on selinux (an even safer choice is to boot a system from a liveCD, and use it only for financial transactions - because it's read-only, even if you did pick up an infection in one session, it's guaranteed to be wiped again for the next). | ||