Linux Guide
A guide covering Linux including it's multiple Desktop enviroments, Window managers, Tools, and Applications that will make you a better and more efficient Linux user.
Note: You can easily convert this markdown file to a PDF in VSCode using this handy extension Markdown PDF.
Table of Contents
Linux Learning Resources
-
Contribute to FOSS by Jason Evangelho, is an entensive Wiki page on how to contribute to the Linux and FOSS community.
Linux Professional Institute(LPI) is a non profit organization. Linux Professional Institute (LPI) is the global certification standard and career support organization for open source professionals. With more than 175,000 certification holders, it's the world's first and largest vendor-neutral Linux and open source certification body.
Linux Foundation is home to Linux, Node.js and other mission critical projects that form the backbone of modern internet services, including Pinterest. Joining The Linux Foundation is a great way for established companies like ours to support those communities.
Cloud Native Computing Foundation (CNCF) hosts critical components of the global technology infrastructure. CNCF brings together the world's top developers, end users, and vendors and runs the largest open source developer conferences. CNCF is part of the nonprofit Linux Foundation.
RISC-V Foundation is a non-profit corporation controlled by its members to drive forward the adoption and implementation of the free and open RISC-V instruction set architecture (ISA).
Open Source Security Foundation (OpenSSF) is a cross-industry collaboration that brings together leaders to improve the security of open source software by building a broader community, targeted initiatives, and best practices. The OpenSSF brings together open source security initiatives under one foundation to accelerate work through cross-industry support. Along with the Core Infrastructure Initiative and the Open Source Security Coalition, and will include new working groups that address vulnerability disclosures, security tooling and more.
Free Software Foundation (FSF) is a nonprofit with a worldwide mission to promote computer user freedom.
Linux Software Repositories & Package Managers
dpkg(Debian Package) is the package management system in Debian and its OS derivatives.
DEB is a Debian Software Package file used on Debian-based Linux systems such Debian, Ubuntu, Linux Mint, and Pop!_OS.
APT (Advanced Package Tool) is a higher-level package management systemtool, that is more commonly used than dpkg as it can fetch packages from remote locations.
Nala is a commandline frontend for the APT package manager.
Synaptic Package Manager is a graphical package management tool based on APT.
PPA(Personal Package Archive) is a set of software repositories that can distribute software and updates directly to Ubuntu users. Create your source package, upload it and Launchpad will build binaries and then host them in your own apt repository.
PackageKit is a suite of software applications designed to provide a consistent and high-level front end for a number of different package management systems on Linux.
EPEL (Extra Packages for Enterprise Linux) is an free and open source community-based repository project from the Fedora team which provides 100% high-quality add-on software packages for Linux distribution including RHEL (Red Hat Enterprise Linux) and CentOS Stream.
DNF(Dandified Packaging Tool) is a software package manager that installs, updates, and removes packages on Fedora and is the successor to YUM (Yellow-Dog Updater Modified). DNF makes it easy to maintain packages by automatically checking for dependencies and determines the actions required to install packages.
Micro DNF is a lightweight C implementation of DNF, designed to be used for doing simple packaging actions when you don't need full-blown DNF and you want the tiniest useful environments possible. Checkout the Micro DNF GitHub.
Fedora Updates System is a place to create, test, and publish package updates for Fedora.
RPM Package Manager (RPM) is a powerful package management system capable of building computer software from source into easily distributable packages installing, updating and uninstalling packaged software querying detailed information about the packaged software, whether installed or not.
YUM (Yellowdog Updater, Modified) is a software package-management utility for Linux operating system using the RPM Package Manager.
RPM Fusion is a software repository provides software that the Fedora Project or Red Hat doesn't want to ship. That software is provided as precompiled RPMs for all current Fedora versions and current Red Hat Enterprise Linux or clones versions; you can use the RPM Fusion repositories with tools like yum and PackageKit.
ROM OSTree is a hybrid image/package system. It combines libostree as a base image format, and accepts RPM on both the client and server side, sharing code with the dnf project; specifically libdnf. Thus bringing many of the benefits of both projects together.
YaST is a installation and configuration tool for openSUSE and the SUSE Linux Enterprise distributions. It features an easy-to-use interface and powerful configuration capabilities.
Zypper is a command line package manager which makes use of libzypp. It provides functions like repository access, dependency solving, package installation, etc. Zypper repositories are similar to the ones used in YaST, which also makes use of libzypp.
Pacman is a utility which manages software packages in Arch Linux. It uses simple compressed files as a package format, and maintains a text-based package database (more of a hierarchy), just in case some hand tweaking is necessary.
Arch Linux User Repository (AUR) is a software repository that contains thousands build scripts, for compiling nearly 68,000 installable packages from source using the Arch Linux makepkg application.
Linux Kernel
The Linux kernel is the main component of a Linux operating system (OS) and is the core interface between a computer’s hardware and its processes. It communicates between the 2, managing resources as efficiently as possible.
Categories for Linux Kernel Releases:
-
Prepatch: Prepatch or "RC(Realease Candidate)" kernels are mainline kernel pre-releases that are mostly aimed at other kernel developers and Linux enthusiasts. They must be compiled from source and usually contain new features that must be tested before they can be put into a stable release. Prepatch kernels are maintained and released by Linus Torvalds.
-
Mainline: Mainline tree is maintained by Linus Torvalds. It's the tree where all new features are introduced and where all the exciting new development happens. New mainline kernels are released every 9-10 weeks.
-
Stable: After each mainline kernel is released, it is considered "stable." Any bug fixes for a stable kernel are backported from the mainline tree and applied by a designated stable kernel maintainer. There are usually only a few bugfix kernel releases until next mainline kernel becomes available -- unless it is designated a "longterm maintenance kernel." Stable kernel updates are released on as-needed basis, usually once a week.
-
Longterm: There are usually several "longterm maintenance" kernel releases provided for the purposes of backporting bugfixes for older kernel trees. Only important bugfixes are applied to such kernels and they don't usually see very frequent releases, especially for older trees.
Current Longterm release kernels
Version | Maintainer | Released | Projected EOL |
---|---|---|---|
6.1 | Greg Kroah-Hartman & Sasha Levin | 2022-12-11 | Dec, 2026 |
5.15 | Greg Kroah-Hartman & Sasha Levin | 2021-10-31 | Oct, 2026 |
5.10 | Greg Kroah-Hartman & Sasha Levin | 2020-12-13 | Dec, 2026 |
5.4 | Greg Kroah-Hartman & Sasha Levin | 2019-11-24 | Dec, 2025 |
4.19 | Greg Kroah-Hartman & Sasha Levin | 2018-10-22 | Dec, 2024 |
4.14 | Greg Kroah-Hartman & Sasha Levin | 2017-11-12 | Jan, 2024 |
Systemd
systemd is a suite of basic building blocks for a Linux system. It provides a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for SysVinit.
init is parent of all Linux processes with PID or process ID of 1. It is the first process to start when a computer boots up and runs until the system shuts down. init stands for initialization.
Linux YouTube Channels
Linux Podcasts
Linux Desktop Environments
KDE Plasma Desktop
KDE Plasma Desktop, is a beautiful Windows-like desktop that you use to surf the web, keep in touch with colleagues, friends and family, manage your files, enjoy music and videos; and get creative and productive at work. The KDE community develops and maintains more than 200 applications which run on any Linux desktop, and often other platforms too.
GNOME Desktop
GNOME Desktop, An easy and elegant way to use your computer, GNOME is designed to put you in control and get things done.
MATE Desktop
MATE Desktop, is the continuation of GNOME 2 desktop environment.
Budgie Desktop
Budgie Desktop, a feature-rich, modern desktop designed to keep out the way of the user.
XFCE Desktop
XFCE Desktop, a lightweight desktop environment for UNIX-like operating systems.
Cinnamon Desktop
Cinnamon Desktop, a Linux desktop which provides advanced innovative features and a traditional user experience.
LXQt Desktop
LXQt Desktop,the Lightweight Qt Desktop Environment.
Pantheon Desktop
Pantheon Desktop, a GTK desktop based on the GNOME software base maintained by the elementary OS developers.
Deepin Desktop
Deepin Desktop, an elegant, easy to use and reliable domestic desktop environment.
Unity Desktop
Unity Desktop, a graphical shell for the GNOME desktop environment originally developed by Canonical Ltd.
Linux Window Managers
KWin WM
KWin is the window manager for the KDE Plasma Desktop. It gives you complete control over your windows, making sure they're not in the way but aid you in your task. It paints the window decoration, the bar on top of every window with (configurable) buttons like close, maximize and minimize.
Mutter WM
Mutter is a Wayland display server and X11 window manager and compositor library. When used as a Wayland display server, it runs on top of KMS and libinput. It implements the compositor side of the Wayland core protocol as well as various protocol extensions.
FluxBox
Fluxbox is a stacking window manager for the X Window System, which based upon Blackbox.
OpenBox
Openbox is a lightweight, powerful, and highly configurable stacking window manager with extensive standards support.
Tiling Windows Managers
i3 wm
i3-wm, a tiling window manager for X11.
awesome wm
Awesome, a highly configurable, next generation framework window manager for X.
Bspwm
Bspwm, a tiling window manager based on binary space partitioning with a focus on resource efficiency.
Linux Companies
-
Red Hat makers of Red Hat Enterprise Linux and sponsors to the Fedora Project.
-
Canonical makers of Ubuntu Desktop and Server.
-
SUSE makers of SUSE Enterprise Linux.
-
Manjaro makers of Manjaro Linux.
Linux Hardware Vendors
-
Valve makers of the Steam Deck.
-
Framework Laptop, Please note that you will have to install Linux on your device it does not ship with the laptop.
Linux in the Cloud
Amazon Linux 2 a next generation of Amazon Linux, a Linux server operating system from Amazon Web Services (AWS). It provides a secure, stable, and high performance execution environment to develop and run cloud and enterprise applications. With Amazon Linux 2, you get an application environment that offers long term support with access to the latest innovations in the Linux ecosystem.
Amazon Linux AMI is a supported and maintained Linux image provided by Amazon Web Services for use on Amazon Elastic Compute Cloud (Amazon EC2). It is designed to provide a stable, secure, and high performance execution environment for applications running on Amazon EC2.
Bottlerocket is a Linux-based open-source operating system that is purpose-built by Amazon Web Services for running containers on virtual machines or bare metal hosts. Most customers today run containerized applications on general-purpose operating systems that are updated package-by-package, which makes OS updates difficult to automate.
CBL-Mariner is an internal Linux distribution for Microsoft’s cloud infrastructure and edge products and services. CBL-Mariner is designed to provide a consistent platform for these devices and services and will enhance Microsoft’s ability to stay current on Linux updates. This initiative is part of Microsoft’s increasing investment in a wide range of Linux technologies, such as SONiC, Azure Sphere OS and Windows Subsystem for Linux (WSL).
SONiC is an open source network operating system based on Linux that runs on switches from multiple vendors and ASICs. It offers a full-suite of network functionality, like BGP and RDMA, that has been production-hardened in the data centers of some of the largest cloud-service providers.
Azure Sphere is a secured, high-level application platform with built-in communication and security features for internet-connected devices. The platform consists of the integration of hardware built around a secured silicon chip; the Azure Sphere OS, a custom high-level Linux-based operating system; and the Azure Sphere Security Service, a cloud-based security service that provides continuous security.
Getting Software
GNOME Software Center
KDE Plasma Discover Software Center
Note: All this software is also available in other popular Linux distributions such as Debian, Linux Mint, elementary OS, Pop!_OS, Fedora, Manjaro Linux, EndeavourOS and Arch Linux. Also, if you scroll down further you'll see other easy ways to get software applications through Flathub, Snap Store, and AppImages.**
App Outlet
App Outlet is a Universal application store(Flatpaks, Snaps, and AppImages) inspired by the Linux App Store online service.
Flatpaks
FlatHub is a build and distribution service for Flatpak applications.
Flatseal is a graphical utility to review and modify permissions from your Flatpak applications. Get it on Flathub store.
Snaps
Snap Store is a build and distribution service for Snap applications.
AppImages
AppImageHub is a build and distribution service for AppImage applications.
AppImage Manager is a package manager for AppImages.
Microsoft Office Alternatives
OnlyOffice is a secure offline/online office suite highly compatible with MS Office formats for Windows, Mac and Linux.
FreeOffice is a secure office suite highly compatible with MS Office formats for Windows, Mac and Linux.
LibreOffice is a free and open-source office productivity software suite similar to Microsoft Office.
Secure & Privacy Focused Web Browsers
Mozilla Firefox is a free and open-source web browser developed by the Mozilla Foundation.
LibreWolf is designed to increase protection against tracking and fingerprinting techniques, while also including a few security improvements. It remove all the telemetry, data collection and annoyances, as well as disabling anti-freedom features like DRM.
Brave is a fast, private and secure web browser for PC, Mac and mobile. It comes with Brave Search, which is a private search engine that puts you first, not big tech for those that don't want to use Google Search.
Ungoogled-Chromium is a lightweight approach to removing Google web service dependency.
Vivaldi is a fast, private and secure web browser for PC, Mac and mobile. It comes with built-in features like Notes, Screen Capture, Image Properties and (a lot) more. Please note that Vivaldi is proprietary and not open source.
Ghostery Dawn is a fast, private and secure web browser for PC, Mac and mobile. It comes with the complete Ghostery Privacy Suite including Ghostery Glow a private search engine that does not log your search history, which means you get served objective results, not results that are filtered by the likelihood you’ll click on them.
Privacy & Security Focused Browser extensions
UBlock Origin is a free and open-source, cross-platform browser extension for content filtering primarily aimed at neutralizing privacy invasion in an efficient, user-friendly method.
Privacy Badger is a browser extension that automatically learns to block invisible trackers.
DuckDuckGo Privacy Essentials is an extension that seamlessly helps prevent your personal information from being exposed during everyday online activity.
Ghostery is a comprehensive privacy protection Ad Blocker browser extension.
HTTPS Everywhere is an extension created by EFF and the Tor Project which automatically switches thousands of sites from insecure "http" to secure "https".
CleanURLs is an extension will automatically remove tracking elements from URLs to help protect your privacy when browsing through the Internet.
PixelBlock is an Gmail extension that blocks email tracking attempts used to detect when you open and read emails.
Sitejabber is an extension for consumers to find trustworthy online businesses and avoid scams.
1Password is a password manager that provides a place for users to store various passwords, software licenses, and other sensitive information in a virtual vault that is locked with a PBKDF2-guarded master password.
Bitwarden is a free and open-source password management service that stores sensitive information such as website credentials in an encrypted vault.
Guardio is a lightweight extension designed to help you browse quickly and securely. It will clean your browser, speed it up, and protect your private information.
OneTab is an extension that converts your tabs to a list and speeds up your browser.
Privacy-focused Search Engines
Backups
TimeShift is a system restore tool for Linux. Creates filesystem snapshots using rsync+hardlinks, or BTRFS snapshots. Supports scheduled snapshots, multiple backup levels, and exclude filters.
Vorta is a backup client for macOS and Linux desktops. It integrates the mighty Borg Backup with your favorite desktop environment to protect your data from disk failure, ransomware and theft. Available as a Flatpak on Flathub
Pika Backup is a backup tool that is designed to save your personal data and does not support complete system recovery. Pika Backup is powered by the well-tested BorgBackup software. Available as a Flatpak on Flathub
Storage Disk Health
Dirstat-rs is a fast, cross-platform disk usage CLI, similar to Windirstat.
Dutree is a tool to analyze file system usage written in Rust.
Scrutiny is a WebUI tool for smartd S.M.A.R.T monitoring, Historical Trends & Real World Failure Thresholds.
Improving Battery Life
auto-cpufreq is an automatic CPU speed & power optimizer for Linux based on active monitoring of laptop's battery state, CPU usage, CPU temperature and system load. Ultimately allowing you to improve battery life without making any compromises.
TLP is a free open source, feature-rich and command line tool for advanced power management, which helps to optimize battery life in laptops powered by Linux.
TLPUI is a GTK user interface for TLP written in Python.
Tools to Copy/Transfer files to your Linux System
KDE Connect is a tool that lets you easily link up your phone to your computer, your computer to your tablet; or your computer to your Steam Deck device. It can be used to share files across devices, read and send SMS directly from your laptop, and lock up your computer remotely.
Warpinator is a free, open-source tool for sending and receiving files between computers that are on the same network. Warpinator Flatpak
FileZilla Client is a fast and reliable cross-platform FTP, FTPS and SFTP client with lots of useful features and an intuitive graphical user interface. FileZilla Flatpak
Dragit is an application for intuitive file sharing between devices. It's useful for when you want to send file from one computer to another with minimal effort. Dragit automatically detects devices in the local network with help of mDNS protocol and allows you to send file immediately. Dragit Flatpak
WinFsp is a set of software components for Windows computers that allows the creation of user mode file systems. In this sense it is similar to FUSE (Filesystem in Userspace), which provides the same functionality on UNIX-like computers.
SSHFS-Win is a minimal port of SSHFS to Windows. Looking under the hood it uses Cygwin for the POSIX environment and WinFsp for the FUSE (Filesystem in Userspace) functionality.
RiftShare is a cross platform (Windows, MacOS, Linux) file sharing tool that supports fully encrypted transfers both on the local network and off network using a simple passphrase. RiftShare uses magic-wormhole under the hood and is compatible with other magic-wormhole clients. It is also fully open source and licensed under the GPLv3. RiftShare Flatpak
SyncThing is a continuous file synchronization program. It synchronizes files between two or more computers in real time, safely protected from prying eyes. Works with Mac OS X, Windows, Linux, FreeBSD, Solaris, OpenBSD, Android, and many others. Downloadable in Discover. It's also open source and licensed under the MPL-2.0 license.
Usermode FTP Server is a tool that let's you start an FTP server as user and transfer files with any FTP client. Allowing you to access your files directly with many file browsers' builtin FTP support: Windows File Explorer, Thunar, Gnome Files, Dolphin and many more. Usermode FTP Server on FlatHub
Running Android Apps on your Linux System
Waydroid is a container-based approach to boot a full Android system on a regular Linux system. Make sure to checkout the Waydroid Arch wiki page.
Anbox is a container-based software for running a full Android system on Linux distributions. Make sure to checkout the Anbox Arch wiki page.
Running Windows Apps on your Linux System
Bottles is a software tool that let's you run Windows software on Linux. It's built-in dependency installation system grants automatic software compatibility access. The download manager can download the official components such as: the runner (Wine, Proton), DXVK, dependencies, etc. Available on FlatHub or throught KDE Discover store.
Professional Audio & Video Editing
H.264(AVC) is a video compression standard based on block-oriented and motion-compensated integer-DCT coding that defines multiple profiles (tools) and levels (max bitrates and resolutions) with support up to 8K.
H.265(HEVC) is a video compression standard that is the successor to H.264(AVC). It offers a 25% to 50% better data compression at the same level of video quality, or improved video quality at the same bit-rate.
FFmpeg is a leading multimedia framework that can decode, encode, transcode, mux, demux, stream, filter and play pretty much anything that humans and machines have created. It supports the most obscure ancient formats up to the cutting edge ones on multiple platforms such as Windows, macOS, and Linux.
HandBrake is a tool for transcoding video from almost any format with a selection of widely supported codecs. It is supported on Window, macOS, and Linux.
Dynamic Adaptive Streaming over HTTP (DASH) is an adaptive streaming protocol that allows for a video stream to switch between bit rates on the basis of network performance, in order to keep a video playing.
OpenMAX™ is a cross-platform API that provides comprehensive streaming media codec and application portability by enabling accelerated multimedia components to be developed, integrated and programmed across multiple operating systems and silicon platforms.
DaVinci Resolve is the world’s only solution that combines professional 8K editing, color correction, visual effects and audio post production all in one software tool! You can instantly move between editing, color, effects, and audio with a single click. DaVinci Resolve Studio is also the only solution designed for multi user collaboration so editors, assistants, colorists, VFX artists and sound designers can all work live on the same project at the same time.
Blender comes with a built-in video sequence editor allows you to perform basic actions like video cuts and splicing, as well as more complex tasks like video masking or color grading. The Video Editor includes: Live preview, luma waveform, chroma vectorscope and histogram displays. Audio mixing, syncing, scrubbing and waveform visualization.
Kdenlive is an open source video editing tool that supports unlimited multimedia files. It's based on the MLT Framework, KDE and Qt. People who are looking for a very versatile video editing tool that comes packed with features. The latest 20.08 release is out with nifty features like Interface Layouts, Multiple Audio Stream support, Cached data management and Zoombars in the Clip Monitor and Effects Panel but one may argue that the highlights of this release are stability and interface improvements.
OpenShot is an open-source video editing tool that's designed for users new in the editing environment. It has simple features such as a simple drag-and-drop function, it provides an easy-to-use and quick-to-learn user interface. The powerful video editor offers tons of efficient ways to cut and trim down your videos. You can freely utilize the unlimited tracks, video effects engine, title editor, 3D animations, slow motion, and time effects. It supports commonly used video codecs that are supported by FFmpeg like WebM (VP9), AVCHD (libx264), HEVC (libx265) and audio codecs like mp3 (libmp3lame) and aac (libfaac). The program can render MPEG4, ogv, Blu-ray and DVD video, and Full HD videos for uploading to the internet video websites like YouTube.
Lightworks is a non-linear video editing appluication for editing and mastering digital video used by the film industry. Its professional edition has been used for box office hits, such as Shutter Island, Pulp Fiction, and Mission Impossible. Intimidating user interface. Like professional video editors, such as Adobe Premiere Pro, Lightworks is rather complicated to use for new users.
Shotcut is an open source multi-platform video editor. You can perform various actions such as video editing (including 4K video quality), add effects, create new movies, import most image files formats, export to almost any file format and much more.
Olive is a free non-linear video editor aiming to provide a fully-featured alternative to high-end professional video editing software.
Natron is a powerful Digital Compositor that can handle all of your 2D/2.5D needs. Its robust OIIO file formats and OpenFX architecture is what make Natron the most flexible open source compositor for the visual effects community. Its interface and functionally are the same across all platforms such as MacOS, Linux and Windows.
OBS (Open Broadcaster Software) is free and open source software for video recording and live streaming. Stream to Twitch, YouTube and many other providers or record your own videos with high quality H264 / AAC encoding.
REAPER is a complete digital audio production application for computers, offering a full multitrack audio and MIDI recording, editing, processing, mixing and mastering toolset.REAPER supports a vast range of hardware, digital formats and plugins, and can be comprehensively extended, scripted and modified.
JACK Audio Connection Kit AKA JACK is a professional sound server daemon that provides real-time, low-latency connections for both audio and MIDI data between applications that implement its API. JACK can be configured to send audio data over a network to a "master" machine, which then outputs the audio to a physical device. This can be useful to mix audio from a number of "slave" computers without requiring additional cables or hardware mixers, and keeping the audio path digital for as long as possible.
Bitwig Studio is a digital audio workstation that has linear and non-linear workflows for sound design, recording, live performance, and more. Along with 90+ instruments, effects, and other creative tools. It is supported Windows, macOS, and Linux.
PipeWire is a server and user space API to deal with multimedia pipelines.It provides a low-latency, graph based processing engine on top of audio and video devices that can be used to support the use cases currently handled by both pulseaudio and JACK. PipeWire was designed with a powerful security model that makes interacting with audio and video devices from containerized applications easy. Nodes in the graph can be implemented as separate processes, communicating with sockets and exchanging multimedia content using fd passing.
Yabridge is a modern and transparent way to use Windows VST2 and VST3 plugins on Linux. Yabridge seamlessly supports using both 32-bit and 64-bit Windows VST2 and VST3 plugins in a 64-bit Linux VST host as if they were native VST2 and VST3 plugins, with optional support for plugin groups to enable inter-plugin communication for VST2 plugins and quick startup times.
Sonobus is an easy to use application for streaming high-quality, low-latency peer-to-peer audio between devices over the internet or a local network.
Avid Pro Tools is an industry standard audio-production software for songwriters, musicians, producers, and engineers.
LMMS is an open source digital audio workstation application program. When LMMS is pairedr with appropriate computer hardware, it allows music to be produced by arranging samples, synthesizing sounds, playing on a MIDI keyboard, and combining the features of trackers and sequencers. Developed by Paul Giblock and Tobias Junghans, this program stands for "Linux MultiMedia Studio" and supports handy plugins that enables it to work on different operating systems.
Ardour is an open source, collaborative effort of a worldwide team including musicians, programmers, and professional recording engineers. Development is transparent — anyone can watch our work as it happens. Like a good piece of vintage hardware, you can open the box and look inside.
Audacity is an easy-to-use, multi-track audio editor and recorder for Windows, Mac OS X, GNU/Linux and other operating systems. Developed by a group of volunteers as open source and offered free of charge. Amazing support community.
Glimpse is a cross-platform raster graphics editor based on the GNU Image Manipulation Program available for Linux, MacOS, and Windows. A great tool for making YouTube video thumbnails.
Setting up OBS Studio
OBS (Open Broadcaster Software) is free and open source software for video recording and live streaming. Stream to Twitch, YouTube and many other providers or record your own videos with high quality H264 / AAC encoding. OBS Studio added native PipeWire and Wayland support in version 27.
-
OBS PipeWire Audio Capture is a plugin adds 3 sources for OBS Studio tocapture audio outputs, inputs and applications using PipeWire.
-
OBS Scale To Sound is a plugin for OBS Studio that adds a filter which makes a source scale based on the audio levels of any audio source you choose.
-
OBS Studio Fully-loaded is a script for Ubuntu/Debian-based systems that installs OBS Studio along with pre-loaded extra features and plugins. This project is developed and maintained by Martin Wimpress.
Useful OBS Studio 3rd party plugins and themes.
- Advanced Scene Switcher plugin; an automated scene switcher.
- Audio Pan plugin; control stereo pan of audio source.
- Browser plugin; CEF-based OBS Studio browser plugin.
- Directory Watch Media plugin; filter you can add to media source to load the oldest or newest file in a directory.
- Downstream Keyer plugin; add a Downstream Keyer dock.
- Dynamic Delay plugin; filter for dynamic delaying a video source.
- Freeze Filter plugin; freeze a source using a filter.
- Gradient Source plugin; adding gradients as a Soource.
- GStreamer plugins; feed GStreamer launch pipelines into OBS Studio and use GStreamer encoder elements.
- Move Transition plugin; move source to a new position during scene transition.
- Multi Source Effect plugin; provides a custom effect to render multiple sources.
- NDI plugin; Network A/V via NewTek's NDI.
- NvFBC plugin; screen capture via NVIDIA FBC API. Requires NvFBC patches for Nvidia drivers for consumer grade GPUs.
- Pulse App Capture plugin; capture application audio from PulseAudio.
- Soundboard plugin; adds a soundboard dock.
- Source Copy plugin; adds copy and paste options to the tools menu.
- Source Dock plugin; create a Dock for a source, which lets you see audio levels, change volume and control media.
- Recursion Effect plugin; recursion effect filter.
- Replay Source plugin; slow motion replay async sources from memory.
- RGB Levels plugin; simple filter to adjust RGB levels.
- RTSPServer plugin; encode and publish to a RTSP stream.
- Scale to Sound plugin; adds a filter which makes a source scale based on the audio levels of any audio source you choose
- Scene Collection Manager plugin; filter, backup and restore Scene Collections.
- Scene Notes Dock plugin; create a Dock for showing and editing notes for the current active scene.
- Source Record plugin; make sources available to record via a filter.
- Source Switcher plugin; to switch between a list of sources.
- Spectralizer plugin; audio visualization using fftw.
- StreamFX plugin; collection modern effects filters and transitions.
- Teleport plugin; open NDI-like replacement.
- Text Pango plugin; Provides a text source rendered using Pango with multi-language support, emoji support, vertical rendering and RTL support.
- Text PThread plugin; Rich text source plugin with many advanced features.
- Time Warp Scan plugin; a time warp scan filter.
- Transition Table plugin; customize scene transitions.
- Virtual Cam Filter plugin; make sources available to the virtual camera via a filter
- VNC Source plugin; VNC viewer that works as a source.
- Websockets plugin; remote-control OBS Studio through WebSockets, compatible with StreamControl.
Gaming
Linux Gaming Resources & Tweak Tools
- GamingOnLinux
- BoilinSteam
- PCGamingWiki
- Rootgamer
- Linux Gaming Central
- Linux Game Cast
- r/linux_gaming subreddit
Game Controllers
-
Note: Steam Controllers were discontinued on November 26, 2019, though, you can still buy them on ebay.
Xbox Wireless Controller + USB-C® Cable
- XONE is a Linux kernel driver for Xbox One and Xbox Series X|S accessories. It serves as a modern replacement for xpad, aiming to be compatible with Microsoft's Game Input Protocol (GIP).
- XPAD neo is an Advanced Linux Driver for Xbox One Wireless Controller (shipped with Xbox One S).
PlayStation 5 DualSense™ Wireless Controller
-
DS4Windows is an open-source gamepad input mapper and virtual emulator designed to use and connect your PlayStation controller (DualShock 3/4 and DualSense 5) to a Windows 10 & 11 PC. It also comes handy with emulating a Xbox controller and tricks the computer into thinking the DS4, is in fact, an Xbox game pad (virtual emulation occurs).
Note: make sure to use Bottles to run this firmware update and DS4Windows.
Nintendo Switch Pro Controller
Nintendo Switch Pro Controller
8Bitdo Ultimate Bluetooth Controller with Charging Dock, Wireless Pro Controller for Switch, Windows and Steam Deck.
GuliKit KingKong 2 Pro Wireless Controller
- The Luna Controller is made for Amazon's cloud gaming service. Powered by Cloud Direct technology Connect directly to Amazon's custom game servers when playing on Luna, reducing roundtrip latency by 17 to 30 milliseconds vs. a local Bluetooth connection among Windows PC, Mac, and Fire TV.
Steam
Steam Flatpak available on FlatHub.
Steam Remote Play Together is a steam service that let's you share your Steam local multi-player games with friends over the internet, for free. Using Remote Play Together, one player owns and runs the game, then up to four players can join.
Proton is a tool for use with the Steam client which allows games which are exclusive to Windows to run on the Linux operating system. It uses Wine to facilitate this.
Proton Next is an easier way to check out and test the upcoming stable releases of new Proton versions for Linux desktop and Steam Deck.
The following games are now playable: - Rift - Unravel 2 - Airborne Kingdom - Nancy Drew: Legend of the Crystal Skull - Re-Volt - Aspire: Ina's Tale - Battle Realms: Zen Edition - Deathsmiles II - Primal Carnage: Extinction - Pico Park Classic Edition - Six Ages: Ride Like the Wind - Darkstar One - Indiana Jones and the Emperor Tomb - Bulletstorm: Full Clip Edition
- Fix Batman: Arkham City GOTY launching in the background on Steam Deck when set to fullscreen.
- Fix Marvel's Spider-Man Remastered displaying dialog about outdated drivers on AMD systems.
- Fix Final Fantasy IV (3D Remake) having no audio.
- Fix Return to Monkey Island not reacting to mouse clicks after a recent game update.
- Fix upsidedown videos in VRChat and many other games.
- Fix Call of Duty Black Ops II Zombies and Multiplayer hanging on exit.
- Fix Bail or Jail crashing when opening the Terms of Serivce.
- Improve GTA V situation with not loading textures.
- Fix Red Dead Redemption 2 crashing after a recent game update.
- Fix Final Fantasy XIV Online launcher functionality after game update.
- Fix cutscene stutter in Disgaea 5.
- Fix Thrustmaster HOTAS having non-functional dial in Elite Dangerous.
- Fix Planet Zoo randomly crashing.
- Fix SCP: Secret Labratory not being playable after a recent game update (again).
- Fix Tekken 7 crashing at launch.
- Fix Armello hanging on exit.
- Fix Sword Art Online: Hollow Realization freezing after the tutorial.
- Fix Space Engineers intro video not playing correctly.
- Fix Dragon's Dogma: Dark Arisen videos not playing correctly.
- Implement network video support for VRChat.
- Update dxvk to v1.10.3-28-ge3daa699.
ProtonUp-Qt is a tool to install and manage Proton-GE and Luxtorpeda for Steam and Wine-GE for Lutris with this graphical user interface. Based on AUNaseef's ProtonUp, made with Python 3 and Qt 6.
Enable Proton in Steam
- Click on “Steam” then “Settings” to open the Settings window at the far-left corner.
- On the “Settings” window, click on “Steam Play.” Ensure you check the “Enable Steam Play for supported files” and “Enable Steam Play for all other titles” checkboxes. Lastly, select the Proton version you wish to use from the drop-down menu.
ProtonDB
ProtonDB is a collection of over 100,000 gaming reports from other gamers as they test games with Proton on Linux and provide aggregate scores of how well games perform. A growing pool of suggestions provides tweaks that you can try to get games working while Proton continues development. In addition to this, you may explore the Steam game catalog on this site to browse and discover a wide range of titles that were previously unavailable for use on Linux.
Lutris
Lutrisis a gaming client for Linux. It gives you access to all your video games with the exception of the current console generation. Also, integrates nicely with other stores like GOG, Steam, Battle.net, Origin, Uplay and many other sources that allow you to import your existing game library and community maintained install scripts give you a completely automated setup.
Epic Games Store integration
Blizzard Battle.net intgeration
Blizzard Battle.net is an internet-based online gaming, digital distribution, and digital rights management platform developed by Activision and Blizzard Entertainment. Battle.net is the launcher for World of Warcraft, Diablo III, StarCraft II, Hearthstone, Heroes of the Storm, Overwatch and Call of Duty.
EA Play integration
EA Play is a subscription-based video game service from Electronic Arts for the Xbox One, Xbox Series X/S, PlayStation 4, PlayStation 5 and Microsoft Windows platforms, offering access to selected games published by Electronic Arts along with additional incentives.
Origin integration
Origin is an online gaming, digital distribution and digital rights management (DRM) platform developed by Electronic Arts that allows users to purchase games on the internet for PC and mobile platforms, and download them with the Origin client (formerly EA Download Manager, EA Downloader and EA Link).
Ubisoft Connect integration
Ubisoft Connect is a digital distribution, digital rights management, multiplayer and communications service created by Ubisoft to provide an experience similar to the achievements/trophies offered by various other game companies.
GOG Galaxy integration
GOG GALAXY is a fully optional client to install, play and update your games.
Playnite
Playnite is an open source video game library manager and launcher with support for 3rd party libraries like Steam, GOG, Origin, Battle.net and Ubisoft Connect. Includes game emulation support, providing one unified interface for your games.
GameHub
GameHub is a unified library for all your games. It allows you to store your games from different platforms into one program to make it easier for you to manage your games.
GameHub supports:
-
native games for Linux
-
multiple compatibility layers:
- Wine
- Proton
- DOSBox
- RetroArch
- ScummVM
- WineWrap — a set of preconfigured wrappers for supported games;
- custom emulators
-
multiple game platforms:
Epic Games Store
Heroic is an Open Source Game Launcher for Linux, Windows and macOS (for both Native and Windows Games using Crossover). It supports launching games from the Epic Games Store using Legendary, a CLI alternative to the Epic Games Launcher. Flatpak for Heroic Games Launcher
Epic Games Store is a digital video game storefront for Microsoft Windows and macOS, operated by Epic Games.
Game Streaming
Cloud Game Streaming
Xbox Cloud Gaming is Microsoft's cloud-based Xbox game-streaming technology (currently in Beta). Play games like Forza Horizon 4, Halo 5: Guardians, Gears of War 4, Sea of Thieves, Cuphead, Red Dead Redemption 2, and 100+ other games on your mobile device or Chrome web browser. Xbox Cloud Gaming does require an Xbox Game Pass Ultimate subscription.
Geforce NOW is NVIDIA's Cloud Gaming Service.
Amazon Luna is Amazon's Cloud Gaming Service. Amazon Luna is Compatible/Supported on a vartiey of Devices and Browsers.
Shadow is a fully-featured, cloud-based, high-end computer. It is the only remote service that offers performance capable of competing with a local PC. Available on Windows, macOS, Linux, Android/AndroidTV, and iOS/tvOS.
Local Game Streaming
Steam Remote Play Together is a steam service that let's you share your Steam local multi-player games with friends over the internet, for free. Using Remote Play Together, one player owns and runs the game, then up to four players can join.
Steam Link app is available free of charge, streaming your Steam PC games to phones, tablets, and TV.
Chiaki is a Free and Open Source Software Client for PlayStation 4 and PlayStation 5 Remote Play for Linux, FreeBSD, OpenBSD, Android, macOS, Windows, Nintendo Switch and potentially even more platforms. Chiaki Flatpak
Parsec is a video game streaming platform, which offers a wide variety of games and genres to choose from and provides a high-quality and smooth gameplay. SParsec is developed in order to provide a high-quality smooth gameplay, same time to be free of all ads and in-game purchases.
Moonlight Game Streaming is a program that let you stream from your PC games over the Internet with no configuration required. Stream from almost any device, whether you're in another room or miles away from your gaming rig. Sunshine is a Game stream host for Moonlight that is a self-hosted, low latency, cloud gaming solution with support for AMD, Intel, and NVIDIA GPUs.
Game Emulators
Also checkout these subreddits for more great Game Emulators recommendations
- r/emulation
- r/emulations
- r/RetroArch
- r/DolphinEmulator
- r/Citra
- r/cemu
- r/yuzu
- r/OpenEmu
- r/MAME
- r/EmuDev
- r/Roms
Frontends
EmulationStation Desktop Edition (ES-DE) is a frontend application for browsing and launching games from your multi-platform game collection. It's available for Unix/Linux, macOS(M1 & Intel) and Windows.
RetroArch is a frontend for emulators, game engines and media players. It enables you to run classic games on a wide range of computers and consoles through its slick graphical interface. Settings are also unified so configuration is done once and for all. RetroArch Flatpak
RetroPie is a frontend for emulators that allows you to turn your Raspberry Pi, ODroid C1/C2, or PC into a retro-gaming machine. It builds upon Raspbian, EmulationStation, RetroArch and many other projects to enable you to play your favourite Arcade, home-console, and classic PC games with the minimum set-up.
Pegasus is a cross platform, customizable graphical frontend for launching emulators and managing your game library (especially retro games) and launching them from one place. It's focused on customizability, cross platform support (including embedded devices) and high performance. Pegasus Flatpak
Mednaffe is a front-end (GUI) for mednafen emulator which is a portable argument(command-line)-driven multi-system emulator. Mednaffe Flatpak
The following systems are supported:
- Atari Lynx
- Neo Geo Pocket (Color)
- WonderSwan
- GameBoy (Color)
- GameBoy Advance
- Nintendo Entertainment System
- Super Nintendo Entertainment System/Super Famicom
- Virtual Boy
- PC Engine/TurboGrafx 16 (CD)
- SuperGrafx
- PC-FX
- Sega Game Gear
- Sega Genesis/Megadrive
- Sega Master System
- Sega Saturn (experimental, x86_64 only)
- Sony PlayStation
Cartridge is a self-hosted game library made with Laravel + Vue.js.
Cartridge Features
- Scan for ROM files and match with IGDB game information
- Serve ROM download links alongside game details
- Manage access to library with user creation and permissions (WIP)
- Allow users to request games (Planned)
- Play select ROMs in-browser using JS emulators (Planned)
- Track played and favorite games (even ones that aren't available for download) (Planned)
Nintendo GameCube & Wii
Dolphin is an emulator for two recent Nintendo video game consoles: the GameCube and the Wii. It allows PC gamers to enjoy games for these two consoles in full HD (1080p) with several enhancements: compatibility with all PC controllers, turbo speed, networked multiplayer, and even more. Dolphin Flatpak
Nintendo Switch
Ryujinx is an open-source Nintendo Switch emulator created by gdkchan and written in C#. This emulator aims at providing excellent accuracy and performance, a user-friendly interface, and consistent builds. Ryujinx Flatpak
yuzu is an experimental open-source emulator for the Nintendo Switch from the creators of Citra. yuzu is an experimental open-source emulator for the Nintendo Switch from the creators of Citra.Yuzu Flatpak
Nintendo 64
m64p is a Nintendo 64 Emulator. It uses mupen64plus-gui, a brand new mupen64plus frontend written in Qt5. It supports all of the things you’d expect from a frontend (savestate management, pausing, screenshots). m64p Flatpak
simple64 is an emulator based on a heavily modified version of mupen64plus-core, and ParaLLEl RSP/RDP. It includes a GUI, netplay, controller configuration, and more. simple64 Flatpak
Nintendo 3DS
Citra is an open-source emulator for the Nintendo 3DS capable of playing many of your favorite games.Citra Flatpak
Nintendo DS
DeSmuME is a Nintendo DS emulator. DeSmuME Flatpak
melonDS is a tool that aims at providing fast and accurate Nintendo DS emulation. While it is still a work in progress, it has a pretty solid set of features. melonDS Flatpak
Features:
- Nearly complete core (CPU, video, audio, etc...)
- OpenGL renderer, 3D upscaling
- RTC, microphone, lid close/open
- Joystick support
- Savestates
- Various display position/sizing/rotations modes
- Work-in-progress Wi-Fi emulation for online connectivity and local multiplayer
- Experimental emulation of the Nintendo DSi
Super Nintendo Entertainment System (SNES)
Snes9x is a portable, freeware Super Nintendo Entertainment System (SNES) emulator. Snes9x Flatpak
bsnes is a Super Nintendo (SNES) emulator focused on performance, features, and ease of use. bsnes flatpak
Nintendo Entertainment System
Nestopia is a portable NES/Famicom emulator written in C++. Nestopia Flatpak
Game Boy Advance
mGBA is a new emulator for running Game Boy Advance games. It aims to be faster and more accurate than many existing Game Boy Advance emulators, as well as adding features that other emulators lack. mGBA Flatpak
SameBoy is an open source Game Boy (DMG) and Game Boy Color (CGB) emulator, written in portable C. It has an SDL frontend and a libretro core. SameBoy Flatpak
GB Enhanced+ is an original Game Boy, Game Boy Color and Game Boy Advance emulator. Its focus is on completeness of emulation, including peripherals. GB Enhanced+ Flatpak
DOS
DOSBox is an open-source DOS emulator which primarily focuses on running DOS Games.
DOSBox Staging is a full x86 CPU emulator (independent of host architecture), capable of running DOS programs that require real or protected mode. DOSBox Staging Flatpak
Atari
Stella is a multi-platform Atari 2600 VCS emulator released under the GNU General Public License (GPL). Stella is available on Windows MacOS, Linux, and FreeBSD. Stella Flatpak
Hatari is an Atari ST/STE/TT/Falcon emulator for Linux, BSD, MacOS, Windows and other systems which are supported by the SDL library. The Atari ST was a 16/32 bit computer system which was first released by Atari in 1985. Hatrai Flatpak
Sega Dreamcast
Flycast is a multi-platform Sega Dreamcast, Naomi and Atomiswave emulator derived from reicast. Flycast Flatpak
PlayStation Portable
PPSSPP is a PSP emulator that can run games in full HD resolution. It can even upscale textures that would otherwise be too blurry as they were made for the small screen of the original PSP. PPSSPP Flatpak
PlayStation 1
DuckStation is an simulator/emulator of the Sony PlayStation 1 console, focusing on playability, speed, and long-term maintainability. DuckStation Flatpak.
Avocado is a Modern PlayStation 1 emulator.
PlayStation 2
PCSX2 is a Playstation 2 'emulator', a free program that tries to replicate the Playstation 2 console to enable you to play PS2 games on your PC. PCSX2 Flatpak
Play! is a PlayStation2 emulator for Windows, macOS, Linux, Android, iOS and web browser platforms. Play! Flatpak
PlayStation 3
RPCS3 is an experimental open-source Sony PlayStation 3 emulator and debugger written in C++ for Windows and Linux. RPCS3 started development in May of 2011 by its founders DH and Hykem. The emulator is currently capable of running over 1800 commercial titles powered by Vulkan and OpenGL. RPCS3 Flatpak
Xbox
xemu is an original Xbox emulator. xemu Flatpak
Xenia is an Xbox 360 Emulator.
MAME
MAME is a Arcade Machine Emulator. MAME Flatpak
Hardware Performance(CPU, GPU, Gaming Peripherals)
NVIDIA
GreenWithEnvy (GWE) is a GTK system utility designed by Roberto Leinardi to provide information, control the fans and overclock your NVIDIA video card for better performance. Available as a Flatpak on FlatHub.
AMD
-
AMD FidelityFX Super Resolution (FSR) is an open source, high-quality solution for producing high resolution frames from lower resolution inputs. FSR enables “practical performance” for costly render operations, such as hardware ray tracing for the AMD RDNA™ and AMD RDNA™ 2 architectures.
-
AMD FidelityFX Super Resolution (FSR) 2.0 is an open source, high-quality solution for producing high resolution frames from lower resolution inputs. It uses temporal data and optimized anti-aliasing to boost framerates in supported games while delivering similar or better image quality than native resolution.
-
AMD Open Source Driver for Vulkan® is an open-source Vulkan driver for Radeon™ graphics adapters on Linux®. It is built on top of AMD's Platform Abstraction Library (PAL), a shared component that is designed to encapsulate certain hardware and OS-specific programming details for many of AMD's 3D and compute drivers.
-
Vulkan® Memory Allocator (VMA) is a library provides a simple and easy to integrate API to help you allocate memory for Vulkan® buffer and image storage.
-
Radeon™ Raytracing Analyzer (RRA) is a tool that investigates the performance of your raytracing applications and highlight potential bottlenecks.
-
Radeon™ GPU Profiler is a low-level optimization tool that provides detailed information on Radeon™ GPUs.
-
Radeon™ GPU Analyzer is an offline compiler and performance analysis tool for DirectX®, Vulkan®, SPIR-V™, OpenGL®, and OpenCL™. It can be used together with RGP, RMV, and RDP.
-
Radeon™ Developer Panel (RDP) is an essential part of the Radeon™ Developer Tool Suite. It provides the communication channel that delivers requests to, and receives data from, the AMD Radeon™ driver.
-
Radeon™ Memory Visualizer (RMV) is a powerful tool that allows users to analyze video memory usage on AMD Radeon GPUs.
Radeon™ Memory Visualizer (RMV)
- CoreCtrl is a free and open source Linux application that allows you to control your computer hardware with ease using application profiles for native and Windows applications, along with basic CPU controls and full AMD GPUs controls (for both old and new models).
Intel ARC
Version requirements for DG2/Alchemist hardware on Linux:
- Linux Kernel 6.0 or newer
- Mesa 22.2 or newer for ANV Vulkan and Iris OpenGL will in turn work out-of-the-box with current cards when booting with the necessary kernel support in place.
- Latest linux-firmware.git for the very latest GuC firmware support.
Note: With Linux 6.0 the DG2 class support is not exposed by default but requires setting the i915.force_probe=[PCI-ID] module option to force the driver to initialize the graphics card.
On Debian-based systems:
sudo dmesg | grep -i i915
On Arch Linux-based systems:
su dmesg | grep -i i915
Intel Xe Super Sampling (XeSS) is a temporal image upscaling AI rendering technology that increases graphics performance similar to NVIDIA's DLSS (Deep Learning Super Sampling). Intel's Arc GPU architecture (Fall 2022) will have GPUs that feature dedicated Xe-cores to run XeSS. The GPUs will have Xe Matrix eXtenstions matrix (XMX) engines for hardware-accelerated AI processing. XeSS will be able to run on devices without XMX, including integrated graphics, though, the performance of XeSS will be lower on non-Intel graphics cards because it will be powered by DP4a instruction.
Intel ARC GPUs Overview. Credit: Intel
Gaming Peripherals
OpenRazer is a collection of Linux drivers for Razer devices - providing kernel drivers, DBus services and Python bindings to interact with the DBus interface.
OpenRGB is a network-based Software Development Kit, which allows third-party software to control all of your RGB. This allows for game integrations, music visualization, ambient lighting, and anything else you can imagine. It supports ASUS, ASRock, Corsair, G.Skill, Gigabyte, HyperX, MSI, Razer, ThermalTake, and more.
GX52 is a GTK application designed to provide control for the LEDs and MFD of Logitech X52 and X52 Pro H.O.T.A.S.
Coolero is a program to monitor and control your cooling devices. It offers an easy-to-use user interface with various control features and also provides live thermal performance details.
Piper is a frontend GTK application to configure gaming devices(mainly Gaming Mice).
StreamDeck-UI is a Linux compatible UI for the Elgato Stream Deck.
Asusctl is a control daemon, CLI tools, and a collection of crates for interacting with ASUS ROG laptops.
MangoHud is a Vulkan and OpenGL overlay for monitoring FPS, temperatures, CPU/GPU load and more.
GOverlay is an open source project aimed to create a Graphical UI to manage Vulkan/OpenGL overlays. It is still in early development.
Performance Benchmarks
Geekbench 5 is a cross-platform benchmark that measures your system's performance with the press of a button.
UNIGINE Superposition is an extreme performance and stability test for PC hardware: video card, power supply, cooling system.
Wine
WINE(Wine Is Not an Emulator) is a compatibility layer capable of running Windows applications on several POSIX-compliant operating systems, such as Linux, macOS, & BSD. Instead of simulating internal Windows logic like a virtual machine or emulator, Wine translates Windows API calls into POSIX calls on-the-fly, eliminating the performance and memory penalties of other methods and allowing you to cleanly integrate Windows applications into your desktop.
Winetricks
Winetricks is an easy way to work around problems in Wine.
WireGuard
WireGuard® is a straight-forward, fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general-purpose VPN for running on embedded interfaces and super computers alike, fit for many circumstances. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under a massive development, but it already might be regarded as the most secure, most comfortable to use, and the simplest VPN solution in the industry.
Wiretrustee is a WireGuard®-based mesh network that connects your devices into a single private network.
Wireguard Manager is a tool that enables you to build your own vpn under a minute.
Tailscale is a WireGuard-based app that makes secure, private networks easy for teams of any scale. It works like an overlay network between the computers of your networks using all kinds of NAT traversal sorcery.
Headscale is an open source, self-hosted implementation of the Tailscale coordination server.
Firezone is a self-hosted WireGuard®-based VPN server and Linux firewall.
Mistborn is a secure platform for easily standing up and managing your own cloud services: including firewall, ad-blocking, and multi-factor WireGuard VPN access.
Mistborn CLI is a Command-line interface for Mistborn.
BoringTun is an implementation of the WireGuard® protocol designed for portability and speed. It's successfully deployed on millions of iOS and Android consumer devices as well as thousands of Cloudflare Linux servers.
PiVPN is the simplest VPN installer, designed for Raspberry Pi.
Algo VPN is a set of Ansible scripts that simplify the setup of a personal WireGuard and IPsec VPN. It uses the most secure defaults available and works with common cloud providers.
Pro Custodibus is a tool for managing WireGuard with a variety of business VPN (Virtual Private Network) use cases, such as site-to-site connectivity, secure remote access from anywhere, secure access to the cloud (Amazon Web Services, Google Cloud Platform, Microsoft Azure, etc), and more.
Drago is a flexible configuration manager for WireGuard designed to make it simple to configure secure network overlays spanning heterogeneous nodes distributed across different clouds and physical locations. Drago is in active development, and we welcome contributions from the open-source community.
Netmaker is a tool that helps connect any computers together over a secure, fast, private network, and manage multiple networks from a central server.
Kilo is a multi-cloud network overlay built on WireGuard and designed for Kubernetes. Kilo connects nodes in a cluster by providing an encrypted layer 3 network that can span across data centers and public clouds. The Pod network created by Kilo is always fully connected, even when the nodes are in different networks or behind NAT. By allowing pools of nodes in different locations to communicate securely, Kilo enables the operation of multi-cloud clusters. Kilo's design allows clients to VPN to a cluster in order to securely access services running on the cluster.
Subspace is a simple WireGuard VPN server GUI.
WG UI is a basic, self-contained management service for WireGuard with a self-serve web UI.
WireHole is a combination of WireGuard, PiHole, and Unbound in a docker-compose project with the intent of enabling users to quickly and easily create and deploy a personally managed full or split-tunnel WireGuard VPN with ad blocking capabilities (via Pihole), and DNS caching with additional privacy options (via Unbound).
Gluetun is a lightwieght VPN client in a thin Docker container for multiple VPN providers, written in Go, and uses OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
Ethr is a cross platform network performance measurement tool written in golang. The goal of this project is to provide a native tool for comprehensive network performance measurements of bandwidth, connections/s, packets/s, latency, loss & jitter, across multiple protocols such as TCP, UDP, HTTP, HTTPS, and across multiple platforms such as Windows, Linux and other Unix systems.
Linux Security Hardening
Security Standards, Frameworks and Benchmarks
-
Personal Security Checklist is a curated checklist of 300+ tips for protecting digital security and privacy in 2022.
-
Awesome Privacy is acurated list of privacy & security-focused software and services.
-
OSSTMM (Open Source Security Testing Methodology Manual) PDF
-
NIST Technical Guide to Information Security Testing and Assessment (PDF)
-
Common Criteria for Information Technology Security Evaluation (CC) is an international standard (ISO / IEC 15408) for computer security. It allows an objective evaluation to validate that a particular product satisfies a defined set of security requirements.
-
ISO 22301 is the international standard that provides a best-practice framework for implementing an optimised BCMS (business continuity management system).
-
ISO27001 is the international standard that describes the requirements for an ISMS (information security management system). The framework is designed to help organizations manage their security practices in one place, consistently and cost-effectively.
-
ISO 27701 specifies the requirements for a PIMS (privacy information management system) based on the requirements of ISO 27001. It is extended by a set of privacy-specific requirements, control objectives and controls. Companies that have implemented ISO 27001 will be able to use ISO 27701 to extend their security efforts to cover privacy management.
-
SOC 2 is an auditing procedure that ensures your service providers securely manage your data to protect the interests of your company/organization and the privacy of their clients.
-
NIST CSF is a voluntary framework primarily intended for critical infrastructure organizations to manage and mitigate cybersecurity risk based on existing best practice.
-
Landlock LSM(Linux Security Module) is a framework to create scoped access-control (sandboxing). Landlock is designed to be usable by unprivileged processes while following the system security policy enforced by other access control mechanisms (DAC, LSM, etc.).
Security Tools
OpenSCAP is U.S. standard maintained by National Institute of Standards and Technology (NIST). It provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines. OpenSCAP maintains great flexibility and interoperability by reducing the costs of performing security audits. Whether you want to evaluate DISA STIGs, NIST‘s USGCB, or Red Hat’s Security Response Team’s content, all are supported by OpenSCAP.
Open Vulnerability and Assessment Language is a community effort to standardize how to assess and report upon the machine state of computer systems. OVAL includes a language to encode system details, and community repositories of content. Tools and services that use OVAL provide enterprises with accurate, consistent, and actionable information to improve their security.
OWASP is an online community, produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.
OWASP Nettacker is a project created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP, and many other protocols in order to detect and bypass Firewall/IDS/IPS devices.
OWASP Zed Attack Proxy (ZAP) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible. Great for pentesters, devs, QA, and CI/CD integration. At its core, ZAP is what is known as a "man-in-the-middle proxy."
SELinux is a security enhancement to Linux which allows users and administrators more control over access control. Access can be constrained on such variables as which users and applications can access which resources. These resources may take the form of files. Standard Linux access controls, such as file modes (-rwxr-xr-x) are modifiable by the user and the applications which the user runs. Conversely, SELinux access controls are determined by a policy loaded on the system which may not be changed by careless users or misbehaving applications.
AppArmor is an effective and easy-to-use Linux application security system. AppArmor proactively protects the operating system and applications from external or internal threats, even zero-day attacks, by enforcing good behavior and preventing both known and unknown application flaws from being exploited. AppArmor supplements the traditional Unix discretionary access control (DAC) model by providing mandatory access control (MAC). It has been included in the mainline Linux kernel since version 2.6.36 and its development has been supported by Canonical since 2009.
Control Groups(Cgroups) is a Linux kernel feature that allows you to allocate resources such as CPU time, system memory, network bandwidth, or any combination of these resources for user-defined groups of tasks (processes) running on a system.
SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.
Lynis is a security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation is optional.
Fail2Ban is an open source intrusion prevention software framework that scans log files like /var/log/auth.log and bans IP addresses conducting too many failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses, for a configurable amount of time.
Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic.
Burp Suite is a leading range of cybersecurity tools.
KernelCI is a community-based open source distributed test automation system focused on upstream kernel development. The primary goal of KernelCI is to use an open testing philosophy to ensure the quality, stability and long-term maintenance of the Linux kernel.
Continuous Kernel Integration project helps find bugs in kernel patches before they are commited to an upstram kernel tree. We are team of kernel developers, kernel testers, and automation engineers.
Snowpatch is a continuous integration tool for projects using a patch-based, mailing-list-centric git workflow. This workflow is used by a number of well-known open source projects such as the Linux kernel.
Snort is an open-source, free and lightweight network intrusion detection system (NIDS) software for Linux and Windows to detect emerging threats.
Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education.
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and harder to misuse.
OSSEC HIDS(Host Intrusion Detection System) is an open source security tool that performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. In addition to its IDS functionality, it is commonly used as a SEM/SIM solution.
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer.
Certgen is a convenience tool to generate and store certificates for Hubble Relay mTLS.
syzkaller is an unsupervised, coverage-guided kernel fuzzer.
SchedViz is a tool for gathering and visualizing kernel scheduling traces on Linux machines.
oss-fuzz aims to make common open source software more secure and stable by combining modern fuzzing techniques with scalable, distributed execution.
Wfuzz was created to facilitate the task in web applications assessments and it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload.
Nmap is a security scanner used to discover hosts and services on a computer network, thus building a "map" of the network.
Acra is a single database security suite with 9 strong security controls: application level encryption, searchable encryption, data masking, data tokenization, secure authentication, data leakage prevention, database request firewall, cryptographically signed audit logging, security events automation. It is designed to cover the most important data security requirements with SQL and NoSQL databases and distributed apps in a fast, convenient, and reliable way.
Netdata is high-fidelity infrastructure monitoring and troubleshooting, real-time monitoring Agent collects thousands of metrics from systems, hardware, containers, and applications with zero configuration. It runs permanently on all your physical/virtual servers, containers, cloud deployments, and edge/IoT devices, and is perfectly safe to install on your systems mid-incident without any preparation.
Themis is a free open-source high-level cryptographic library for mobile and backend platforms. Recommended by OWASP for application security, it allows protecting sensitive data (PII, locations, messages, etc.). While giving easy-to-use and hard-to-misuse API, Themis works to provide secure data storage, message exchange, socket connections, and authentication in apps across 15 platforms and languages.
Trivy is a comprehensive security scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets.
Lynis is a security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
RustScan is a Modern Port Scanner.
gosec is a Golang Security Checker that inspects source code for security problems by scanning the Go AST.
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
eNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive UI.
Osmedeus is a Workflow Engine for Offensive Security. It was designed to build a foundation with the capability and flexibility that allows you to build your own reconnaissance system and run it on a large number of targets.
Terrascan is a static code analyzer for Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. Sliver's implants support C2 over Mutual TLS (mTLS), WireGuard, HTTP(S), and DNS and are dynamically compiled with per-binary asymmetric encryption keys.
Payloads All The Things is a list of useful payloads and bypass for Web Application Security and Pentest/CTF.
TheHive is a scalable 3-in-1 open source and free Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. It is the perfect companion to MISP.
MITRE ATT&CK® is a global knowledge base of adversary tactics and techniques based on real-world security observations. It is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
CALDERA™ is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response.
Atomic Red Team™ is a library of tests mapped to the MITRE ATT&CK® framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments.
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats.
Amass is an OWASP Project that performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
IVRE is a network recon framework. That let's you build your own, self-hosted and fully-controlled alternatives to Shodan, ZoomEye, Censys, and GreyNoise. IVRE can run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more.
MISP is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threats about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reversers to support their day-to-day operations to share structured information efficiently.
Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers.
eBPF is a technology that can run sandboxed programs in the Linux kernel without changing kernel source code or loading kernel modules. By making the Linux kernel programmable, infrastructure software can leverage existing layers, making them more intelligent and feature-rich without continuing to add additional layers of complexity to the system.
Cilium uses eBPF to accelerate getting data in and out of L7 proxies such as Envoy, enabling efficient visibility into API protocols like HTTP, gRPC, and Kafka.
Hubble is a Network, Service & Security Observability for Kubernetes using eBPF.
Patchwork is a web-based patch tracking system designed to facilitate the contribution and management of contributions to an open-source project.
pfSense is a free and open source firewall and router that also features unified threat management, load balancing, multi WAN, and more.
Emissary is a P2P based data-driven workflow engine that runs in a heterogeneous possibly widely dispersed, multi-tiered P2P network of compute resources. Workflow itineraries are not pre-planned as in conventional workflow engines, but are discovered as more information is discovered about the data.
MADCert is a cross-platform tool that consists of a certificate generator, a file system certificate manager, and a command line interface for the purposes of testing.
Priam is a tool/process for backup/recovery, Token Management, and Centralized Configuration management for Cassandra.
File systems
GlusterFS is a free and open source scalable network filesystem. Gluster is a scalable network filesystem. Using common off-the-shelf hardware, you can create large, distributed storage solutions for media streaming, data analysis, and other data- and bandwidth-intensive tasks.
Ceph is a software-defined storage solution designed to address the object, block, and file storage needs of data centers adopting open source as the new norm for high-growth block storage, object stores and data lakes. Ceph provides enterprise scalable storage while keeping CAPEX and OPEX costs in line with underlying bulk commodity disk prices.
Hadoop Distributed File System (HDFS) is a distributed file system that handles large data sets running on commodity hardware. It is used to scale a single Apache Hadoop cluster to hundreds (and even thousands) of nodes. HDFS is one of the major components of Apache Hadoop, the others being MapReduce and YARN.
ZFS is an enterprise-ready open source file system and volume manager with unprecedented flexibility and an uncompromising commitment to data integrity.
OpenZFS is an open-source storage platform. It includes the functionality of both traditional file systems and volume manager. It has many advanced features including:
- Protection against data corruption.
- Integrity checking for both data and metadata.
- Continuous integrity verification and automatic "self-healing" repair.
Btrfs is a modern copy on write (CoW) filesystem for Linux aimed at implementing advanced features while also focusing on fault tolerance, repair and easy administration. Its main features and benefits are:
- Snapshots which do not make the full copy of files
- RAID - support for software-based RAID 0, RAID 1, RAID 10
- Self-healing - checksums for data and metadata, automatic detection of silent data corruptions
MergerFS is a union filesystem geared towards simplifying storage and management of files across numerous commodity storage devices. It is similar to mhddfs, unionfs, and aufs.
MergerFS Features
- Configurable behaviors / file placement
- Ability to add or remove filesystems at will
- Resistance to individual filesystem failure
- Support for extended attributes (xattrs)
- Support for file attributes (chattr)
- Runtime configurable (via xattrs)
- Works with heterogeneous filesystem types
- Moving of file when filesystem runs out of space while writing
- Ignore read-only filesystems when creating files
- Turn read-only files into symlinks to underlying file
- Hard link copy-on-write / CoW
- Support for POSIX ACLs
Bcachefs is an advanced new filesystem for Linux, with an emphasis on reliability and robustness and the complete set of features one would expect from a modern filesystem. Scalability has been tested to 50+ TB, will eventually scale far higher.
Squashfs is a compressed read-only filesystem for Linux. It uses zlib, lz4, lzo, or xz compression to compress files, inodes and directories. Inodes in the system are very small and all blocks are packed to minimize data overhead.
Debian
Getting Started with Debian
Debian is an operating system and a distribution of Free Software. It is maintained and updated through the work of many users who volunteer their time and effort.
Install Docker Engine on Debian
Installing Debian on WSL (Windows Subsystem for Linux)
Etcher is an open source, cross-platform software that makes it easy to flash operating system images to a microSD card or USB device.
Debian 11 Desktop
Ubuntu
Getting Started with Ubuntu
Ubuntu is a modern open source operating system on Linux for the enterprise Server, Desktop, Cloud, and IoT developed by Canonical. Also, checkout the new Ubuntu Desktop Installer, which will be available to test in the 21.10 release (October 2021).
Ubuntu Flavours is for those that prefer an alternative desktop environment such as KDE Plasma Desktop, MATE, Xfce, LXQt, Budgie, and UKUI you can download a Flavour for your preferred desktop environment and use that to install Ubuntu, pre-configured for the desktop environment of your choice.
Ubuntu Desktop
Etcher is an open source, cross-platform software that makes it easy to flash operating system images to a microSD card or USB device.
Etcher UI
Additional Ubuntu Tools & Resources for Enterprise & Small Businesses
FreeRDP is a free remote desktop protocol library and clients.
apt-get is a tool that provides functionality for .debs published in 3rd party repositories or via direct download. It works on Ubuntu and derivative distributions.
ZFS is an enterprise-ready open source file system and volume manager with unprecedented flexibility and an uncompromising commitment to data integrity.
OpenZFS is an open-source storage platform. It includes the functionality of both traditional file systems and volume manager. It has many advanced features including:
- Protection against data corruption.
- Integrity checking for both data and metadata.
- Continuous integrity verification and automatic "self-healing" repair.
Multipass is a command line interface to launch, manage and generally test with instances of Linux(Ubuntu) in a VM. It works on Linux, Windows and macOS.
LXD is a next generation system container manager. It offers a user experience similar to virtual machines but using Linux containers instead. It's image based with pre-made images available for a wide number of Linux distributions and is built around a very powerful, yet pretty simple, REST API.
MAAS is an open source SDDC solution used by telcos, financial institutions, media companies and supercomputer admins to take care of all the low-level details. PXE, IPMI, ILO and all the custom protocols needed for diverse vendor hardware support come together in one clean REST API with Python bindings for easy integration and automation.
JuJu is an open source application modeling tool for public and private clouds. It forms part of Ubuntu's cloud portfolio, together with Ubuntu Server, Ubuntu OpenStack, MAAS for bare-metal provisioning, and Landscape for systems management and monitoring.
JAAS (Juju as a Service) is a service that makes it easy to deploy OpenStack at scale. Where you quickly and reliably build an enterprise-scale cloud running on Ubuntu.
Ubuntu OpenStackis the #1 platform for OpenStack and the #1 platform for public cloud operations on AWS, Microsoft Azure and Google Cloud.
Ubuntu is the reference platform for Kubernetes on all major public clouds, including official support in Google's GKE, Microsoft's AKS and Amazon's EKS CAAS offerings.
Ubuntu on WSL is a wiki guide on getting started with the latest version of Ubuntu installed and setup on WSL for Windows 10.
Ubuntu Pro for Azure is a premium image designed by Canonical optimized for production environments running on Azure. It includes security and compliance services, enabled by default, in a form suitable for small to large-scale Linux enterprise operations with no contract needed.
Active Directory Integration on Ubuntu
Removing Snap and adding Flatpak support
Unsnap is a tool to quickly migrate from using snap packages to flatpaks.
Unsnap running in the terminal. Credit: Alan Pope
Setting up PipeWire for Ubuntu/Debian
Note: For those using Pop!_OS 22.04 or later PipeWire is already setup by default.
Add PipeWire PPA
$ sudo add-apt-repository ppa:pipewire-debian/pipewire-upstream
Install the pipewire-audio-client-libraries and additional libraries to use Bluetooth, GStreamer, or JACK devices with your Ubuntu/Debian system.
$ sudo apt update
$ sudo apt install pipewire pipewire-audio-client-libraries gstreamer1.0-pipewire libpipewire-0.3-{0,dev,modules} libspa-0.2-{bluetooth,dev,jack,modules} pipewire{,-{audio-client-libraries,pulse,media-session,bin,locales,tests}}
After installation has completed, run the following command to reload the daemon in systemd.
$ systemctl --user daemon-reload
Disable PulseAudio in Ubuntu. It will no longer be needed, since we are using PipeWire.
$ systemctl --user --now disable pulseaudio.service pulseaudio.socket
PulseAudio is disabled, we can start PipeWire and enable it to run automatically upon system boot.
$ systemctl --user --now enable pipewire pipewire-pulse
Run the following command to ensure that PipeWire is running.
$ pactl info
Reverting Changes
$ sudo apt remove pipewire pipewire-audio-client-libraries gstreamer1.0-pipewire libpipewire-0.3-{0,dev,modules} libspa-0.2-{bluetooth,dev,jack,modules} pipewire{,-{audio-client-libraries,pulse,media-session,bin,locales,tests}}
Reload the daemon in systemd.
$ systemctl --user daemon-reload
Re-enables the PulseAudio service after you do a system reboot.
$ systemctl --user --now enable pulseaudio.service pulseaudio.socket
Ensure that PulseAudio has been completely restored.
$ pactl info
Pop!_OS
Getting Started with Pop!_OS
Pop!_OS is an operating system(based on Ubuntu) for STEM and creative professionals who use their computer as a tool to discover and create developed by System76.
Pop!_OS COSMIC (Computer Operating System Main Interface Components) is a custom desktop environment developed by System76. This makes navigating your desktop workflow via your mouse, keyboard, and/or trackpad much simpler and more efficient.
PipeWire is a server and user space API to deal with multimedia pipelines. It provides a low-latency, graph based processing engine on top of audio and video devices that can be used to support the use cases currently handled by both pulseaudio and JACK. PipeWire was designed with a powerful security model that makes interacting with audio and video devices from containerized applications easy. Nodes in the graph can be implemented as separate processes, communicating with sockets and exchanging multimedia content using fd passing.
Popsicle is a Linux utility for flashing multiple USB devices in parallel, written in Rust.
Etcher is an open source, cross-platform software that makes it easy to flash operating system images to a microSD card or USB device.
Pop!_OS Desktop
Pop Shop
Linux Mint
Getting Started with Linux Mint
Linux Mint is a modern, elegant, and comfortable open source operating system(based on Debian and Ubuntu), which is both powerful and easy to use for both new and advanced users. The flagsip version of Linux Mint uses the Cinnamon desktop environment similiar to Windows 7.
Linux Mint Desktop
Linux Mint MATE uses the MATE Desktop environment.
Linux Mint Desktop with MATE
Linux Mint Xfce uses the Xfce Desktop environment.
Linux Mint Desktop with Xfce
Linux Mint Debian Edition (LMDE) uses Debian Bullseye as the base for a very stable and rock solid user experience with the Cinnamon desktop.
Linux Mint Debian Edition (LMDE)
Etcher is an open source, cross-platform software that makes it easy to flash operating system images to a microSD card or USB device.
Etcher UI
Installing KDE Plasma on Linux Mint
sudo apt install kde-plasma-desktop
OR
sudo apt install kde-standard
KDE Plasma Desktop on Linux Mint
Enable Firewall
sudo systemctl enable ufw
sudo systemctl start ufw
Getting Software
Linux Mint Software Center
Note 1: All this software is also available in other popular Linux distributions such as Debian, elementary OS, Pop!_OS, Fedora, Manjaro Linux, EndeavourOS and Arch Linux.
Note 2: For new users not comfortable with using the command-line checkout the Essential Apps section to get started. Also, if you scroll down further you'll see other easy ways to get software applications through Flathub, Snap Store, and AppImages.
Fedora/CentOS Stream/RHEL
Getting Started with FedoraCentOS Stream/RHEL
Fedora is a polished, easy to use operating system for laptop & desktop computers, with a complete set of tools for developers and makers of all kinds. The Fedora OS base is used to build/develop new versions of Red Hat® Enterprise Linux® (RHEL) the world's leading enterprise Linux platform. The OS serves as the foundation for which you can scale existing apps and roll out emerging technologies across bare-metal, virtual, container, and all types of cloud environments.
Fedora Server is a powerful, flexible operating system that includes the best and latest datacenter technologies. It puts you in control of all your infrastructure and services.
Fedora ARM is an initiative to bring versions of Fedora tailored for running on ARM-based systems.
Fedora Silverblue is a variant of the Fedora Workstation that uses rpm-ostree to provide an immutable OS image with reliable updates and easy rollbacks.
Fedora Kinoite is an immutable desktop operating system. It aims to be extremely stable and reliable. It also aims to be an excellent platform for developers and for those using container-focused workflows. Kinoite is a variant of the Fedora KDE Spin.
Fedora CoreOS is an automatically-updating, minimal operating system for running containerized workloads securely and at scale.
Fedora Spins is for those that prefer an alternative desktop environment such as KDE Plasma Desktop, MATE; or Xfce, you can download a spin for your preferred desktop environment and use that to install Fedora, pre-configured for the desktop environment of your choice.
CentOS Stream is a continuously delivered distro(uses the Fedora OS base) that tracks just ahead of Red Hat Enterprise Linux (RHEL) development, positioned as a midstream between Fedora Linux and RHEL.
Red Hat Enterprise Linux CoreOS is a derivative of Fedora CoreOS, used in OpenShift 4. The machine-config-operator manages upgrades. RHEL CoreOS is also the successor to RHEL Atomic Host, which uses rpm-ostree as well.
EPEL (Extra Packages for Enterprise Linux) is an free and open source community-based repository project from the Fedora team which provides 100% high-quality add-on software packages for Linux distribution including RHEL (Red Hat Enterprise Linux) and CentOS Stream.
DNF(Dandified Packaging Tool) is a software package manager that installs, updates, and removes packages on Fedora and is the successor to YUM (Yellow-Dog Updater Modified). DNF makes it easy to maintain packages by automatically checking for dependencies and determines the actions required to install packages.
Micro DNF is a lightweight C implementation of DNF, designed to be used for doing simple packaging actions when you don't need full-blown DNF and you want the tiniest useful environments possible. Checkout the Micro DNF GitHub.
Fedora Updates System is a place to create, test, and publish package updates for Fedora.
BuildStream is a flexible and extensible framework for the modelling of build pipelines in a declarative YAML format, written in python.
CoreOS Assembler (COSA) is a collection of various tools used to build Fedora CoreOS style systems, including RHEL CoreOS. The goal is that everything needed to build and test the OS comes encapsulated in one (admittedly large) container.
OSTree is an upgrade system for Linux-based operating systems that performs atomic upgrades of complete filesystem trees. It is not a package system; rather, it is intended to complement them. Checkout the OSTree GitHub.
rpm-ostree is a hybrid image/package system. It combines libostree as a base image format, and accepts RPM on both the client and server side, sharing code with the dnf project; specifically libdnf. Thus bringing many of the benefits of both projects together.
Pulp is a software repository platform for Fetching, Uploading, Organizing, and Distributing Software Packages.
Pulp OSTree Plugin is a Pulp plugin to support hosting your own OSTree content.
RPM Package Manager (RPM) is a powerful package management system capable of building computer software from source into easily distributable packages installing, updating and uninstalling packaged software querying detailed information about the packaged software, whether installed or not.
RPM Fusion is a software repository provides software that the Fedora Project or Red Hat doesn't want to ship. That software is provided as precompiled RPMs for all current Fedora versions and current Red Hat Enterprise Linux or clones versions; you can use the RPM Fusion repositories with tools like yum and PackageKit.
PipeWire is a server and user space API to deal with multimedia pipelines.It provides a low-latency, graph based processing engine on top of audio and video devices that can be used to support the use cases currently handled by both pulseaudio and JACK. PipeWire was designed with a powerful security model that makes interacting with audio and video devices from containerized applications easy. Nodes in the graph can be implemented as separate processes, communicating with sockets and exchanging multimedia content using fd passing.
WirePlumber is a modular session / policy manager for PipeWire and a GObject-based high-level library that wraps PipeWire’s API, providing convenience for writing the daemon’s modules as well as external tools for managing PipeWire. The WirePlumber daemon implements the session & policy management service. It follows a modular design, having plugins that implement the actual management functionality.
Btrfs is a modern copy on write (CoW) filesystem for Linux aimed at implementing advanced features while also focusing on fault tolerance, repair and easy administration. Its main features and benefits are:
- Snapshots which do not make the full copy of files.
- RAID - support for software-based RAID 0, RAID 1, RAID 10.
- Self-healing - checksums for data and metadata, automatic detection of silent data corruptions.
Anaconda is an OS installer used by Fedora, Red Hat Enterprise Linux (RHEL), CentOS Stream and other Linux distributions.
Fedora Labs is a selection of curated bundles of purpose-driven software and content as curated and maintained by members of the Fedora Community. These may be installed as standalone full versions of Fedora or as add-ons to existing Fedora installations.
Fedora Special Interest Groups (SIGs) are teams within the Fedora Project that are less formal than official subprojects. The SIGs are sometimes a first stage in the development of new projects within the Fedora Project.
Fedora Media Writer is a tool in Fedora that will set up your flash drive to run a "Live" version of Fedora Workstation, meaning that you can boot it from your flash drive and try it out right away without making any permanent changes to your computer.
Etcher is an open source, cross-platform software that makes it easy to flash operating system images to a microSD card or USB device.
Using Fedora with Microsoft’s WSL2
Fedora Linux Desktop
CentOS Stream Desktop
Red Hat Enterprise Linux Desktop
Fedora, Red Hat Enterprise Linux (RHEL) and CentOS Stream Development Cycle
SUSE/openSUSE
Getting Started with SUSE/openSUSE
SUSE is a leading Linux OS most adaptable Linux operating system and the only open Kubernetes management platform thanks to their acquistion of Rancher. They also developer of SUSE Linux Enterprise and the primary sponsor of the community-supported openSUSE Project, which develops the openSUSE Linux distribution.
openSUSE Leap is a brand new way of building openSUSE and is new type of a hybrid Linux distribution. Leap uses source from SUSE Linux Enterprise (SLE), which gives Leap a level of stability unmatched by other Linux distributions, and combines that with community developments to give users, developers and sysadmins the best stable Linux experience available.
openSUSE Tumbleweed is a pure rolling release version of openSUSE containing the latest "stable" versions of all software instead of relying on rigid periodic release cycles. The project does this for users that want the newest stable software.
openSUSE Kubic is a multi-purpose Standalone & Kubernetes Container Operating System based on openSUSE MicroOS. Kubic uses kubeadm to provide an easy way of configuring a Kubernetes cluster across multiple machines, while our MicroOS base keeps your operating system updated automatically, with fully atomic rollbacks if required.
openSUSE MicroOS is a M icro Service OS providing Transactional (Atomic) Updates upon a read-only btrfs root filesystem. It's designed to host container workloads with automated administration & patching.
openSUSE Build Service is the public instance of the Open Build Service (OBS) used for development of the openSUSE distribution and to offer packages from same source for Fedora, Debian, Ubuntu, SUSE Linux Enterprise and other distributions.
YaST is a installation and configuration tool for openSUSE and the SUSE Linux Enterprise distributions. It features an easy-to-use interface and powerful configuration capabilities.
Zypper is a command line package manager which makes use of libzypp. It provides functions like repository access, dependency solving, package installation, etc. Zypper repositories are similar to the ones used in YaST, which also makes use of libzypp.
Btrfs is a modern copy on write (CoW) filesystem for Linux aimed at implementing advanced features while also focusing on fault tolerance, repair and easy administration. Its main features and benefits are:
- Snapshots which do not make the full copy of files.
- RAID - support for software-based RAID 0, RAID 1, RAID 10.
- Self-healing - checksums for data and metadata, automatic detection of silent data corruptions.
KIWI Next Generation (KIWI NG) is a command line utility to build Linux system appliances.
openSUSE for WSL (Windows Subsystem for Linux)
SUSE Linux Enterprise Server for WSL (Windows Subsystem for Linux)
Rancher is a complete software stack for teams adopting containers. It addresses the operational and security challenges of managing multiple Kubernetes clusters, while providing DevOps teams with integrated tools for running containerized workloads. They were acquired by SUSE in July 2020.
openSUSE Wiki is the source of information about the openSUSE project and distribution. The goal is to provide high quality documentation and a place for collaboration on all parts of the project.
Etcher is an open source, cross-platform software that makes it easy to flash operating system images to a microSD card or USB device.
SUSE Linux Enterprise 12 Desktop
openSUSE Deskop
Arch Linux
Getting Started Arch Linux
Arch Linux is an independently developed, x86-64 general purpose GNU/Linux distribution versatile enough to suit any role. Development focuses on simplicity, minimalism, and code elegance. Arch is installed as a minimal base system, configured by the user upon which their own ideal environment is assembled by installing only what is required or desired for their unique purposes.
ArchWiki is the best source for Arch Linux documentation on the web.
Arch Linux on WSL(Windows Subsystem for Linux)
Etcher is an open source, cross-platform software that makes it easy to flash operating system images to a microSD card or USB device.
Arch Linux User Repository (AUR)
Arch Linux User Repository (AUR) contains thousands build scripts, for compiling nearly 68,000 installable packages from source using the Arch Linux makepkg application.
Good Arch Linux Desktops for everyday use.
Manjaro Linux Desktop
EndeavourOS Desktop
Gauruda Linux Desktop
ArcoLinux Desktop
Steam OS 3.0 is an immutable Operating System(OS) using the KDE Plasma desktop. This allows you to install applications in containers using Flatpak, rather than onto the root filesystem. This means not only that the installation of applications is isolated from the core filesystem, but also that the ability for malicious applications to compromise/break your system is significantly reduced.
SteamOS 3.0 with KDE Plasma Deskop
NixOS
Getting Started NixOS
NixOS is a Linux distribution built on top of the Nix package manager. It has tools dedicated to DevOps and deployment tasks.
Nix Tour is an interactive tour that uses the actual package manager to learn you the language by example, in the browser.
Nix is a package manager and build system that parses reproducible build instructions specified in the Nix Expression Language, is a pure functional language with lazy evaluation. Nix expressions are pure functions taking dependencies as arguments and producing derivation specifying a reproducible build environment for the package. Nix stores the results of the build in unique addresses specified by a hash of the complete dependency tree, creating an immutable package store that allows for atomic upgrades, rollbacks and concurrent installation of different versions of a package, essentially eliminating dependency hell.
Nix Expression Language is a pure, lazy, functional language. Purity means that operations in the language don't have side-effects (for instance, there is no variable assignment). The language is not a full-featured, general purpose language. Its main job is to describe packages, compositions of packages, and the variability within packages.
Nixpkgs is the largest repository of Nix packages(over 80,000 packages) and NixOS modules. The repository is hosted on GitHub and maintained by the community, with official backing from the NixOS Foundation. Additionally, checkout Language-specific package helpers and Alternative Package Sets.
NixOS Packages Search is a tool for searching through NixOS packages.
NixOS Developer Resources
-
Hound - search across all/selected Nix-related repositories.
-
Nix(A One Pager) - A one page introduction to Nix, the language
NixOS Tools and Modules
-
Hydra is Nix's official continuous integration and build system.
-
Kubenix is a Kubernetes resource builder written in Nix.
-
Nix-kubernetes is a Kubernetes deployment manager written in nix.
-
Disnix is a microservice architecture built with Nix.
-
Hail is a service for pull-based continuous deployment.
-
Morph is a NixOS deployment tool.
-
Nixery is a ad-hoc container images from Nix.
-
Home Manager is a tool to manage your user configuration just like NixOS.s.
-
NixVim is a NeoVim distribution built with Nix modules and Nixpkgs.
-
Simple Nixos Mailserver is a complete mailserver, managed with NixOS modules.
-
Stylix is a system-wide colorscheming and typography for NixOS.
-
Awesome-Nix-HPC is a High Performance Computing package sets.
-
Nix-darwin is a tool to manage macOS configuration just like on NixOS.
-
Nixpkgs-firefox-darwin is a nikpkg to automatically updated Firefox binary packages for macOS.
-
Nixpkgs-wayland is a bleeding-edge Wayland packages.
-
NUR(Nix User Repositories) is the mother of all overlays, allowing access to user repositories and installing packages via attributes.
-
Alejandra is a opinionated Nix code formatter optimized for speed and consistency.
-
Comma is a tool that quickly runs any binary; wraps together
nix run
andnix-index
-
Colmena is a simple, stateless NixOS deployment tool modeled after NixOps and morph.
-
Krops is a lightweight toolkit to deploy NixOS systems, remotely or locally.
-
KuberNix is a single-dependency Kubernetes clusters via Nix packages.
-
Terraform-nixos is a set of Terraform modules designed to deploy NixOS.
-
Terranix is a tool to use Nix and the NixOS module system to write your Terraform code.
-
Arion is a configure Docker Compose with Nix modules.
-
Deploy-rs is a simple multi-profile Nix-flake deploy tool.
-
Fractalide is a reusable Reproducible Composable Software.
-
Nixos-shell is a simple headless VM configuration using Nix (similar to Vagrant).
-
Pushnix is a simple cli utility that pushes NixOS configuration and triggers a rebuild using ssh.
-
Musnix is a real-time audio modules for NixOS.
-
Nix-bundle is a package Nix attributes into single-file executables.
-
Extra-container is a run declarative NixOS containers from the command line. Similar to nixos-shell (chrisfarms).
-
Nixcloud-webservices is a set of nixpkgs extension for web-related technologies.
-
Krops is a stateless alternative to nixops with improved secret management.
-
Mach-nix is a tool that makes it easy to create and share reproducible python environments or packages. Existing tools for python package management often suffer from reproducibility and complexity issues, requiring a multitude of tools and additional virtualization layers to work sufficiently.
-
Digga is a flake utility library that helps you declaratively craft and manage all three layers of your system environment within a single nix flakes repository:
- Development shells (via numtide/devshell).
- Home environments (via nix-community/home-manager).
- Host configurations (via NixOS/nixpkgs/nixos).
-
Impermanence is a set of modules to help you handle persistent state on systems with ephemeral root storage.
-
NixOS Vagrant Plugin is a plugin that adds nix provisioning for NixOS guests to Vagrant.
-
Fenix is a Rust toolchains and Rust analyzer nightly for nix.
-
NixOS-WSL is a minimal root filesystem for running NixOS on WSL. It can be used with DistroLauncher as
install.tar.gz
or as input towsl --import --version 2
. -
Nix-bitcoin is a set of NixOS modules to install a bitcoin node with emphasis on security.
-
Nixpkgs-review is a review nixpkgs pull requests.
-
Nix-update is a swiss army knife for updating nix packages.
-
Nox is a set of tools to make Nix easier to use.
-
Nix-diff is a tool to compare Nix derivations.
-
Niff is a tool to compare two Nix expressions to determine what attributes changes.
-
Nix-upgrade-scripts is a set of tools for Nixpkgs maintainers to upgrade packages.
-
Nixops-manager is a NixOps wrapper for Git repositories.
-
Narfuse is a FUSE filesystem for mounting Nix archive (NAR) files as a virtual Nix store.
-
Nix-visualize is a tool to visualize the dependencies of a given package.
-
Home-manager is a system for managing a user environment using Nix.
-
NixGl is a wrapper to run OpenGL applications outside of NixOS.
-
Nixfmt is a formatter for Nix code.
-
Nix-index is a tool that quickly locate Nix packages with specific files.
-
Nix-prefetch is a universal tool for updating source checksums.
-
Nix-tree is a tool that let's you interactively browse the dependency graph of Nix derivations.
-
Statix is a linter/fixer to check for and fix antipatterns in Nix code.
-
Cached-nix-shell is a
nix-shell
replacement that uses caching to open subsequent shells quickly. -
Cachix is a hosted binary cache service; free for open-source projects.
-
Devshell is a
mkShell
with extra bits and a toml config option to be able to onboard non-nix users. -
Flake-utils - Pure Nix flake utility functions to help with writing flakes.
-
Gitignore.nix - The most feature-complete and easy-to-use
.gitignore
integration. -
Lorri is a much better
nix-shell
for development that augments direnv. -
Makes is a Nix-based CI/CD pipeline framework for building, testing, and releasing projects in any language, from anywhere.
-
Niv is a easy dependency management for Nix projects with package pinning.
-
Nix-direnv is a fast loader and flake-compliant configuration for the direnv environment auto-loader.
-
Nixpkgs-review is the best tool to verify that a pull-request in Nixpkgs is building properly.
-
Pre-commit-hooks.nix is a tool to run linters/formatters at commit time and on your CI.
-
Robotnix is a declarative and reproducible build system for Android (AOSP) images.
-
Nixpkgs-hammering is a nixpkg to beat your package expressions into a shape.
-
Nix-alien is a tool to run unpatched binaries on Nix/NixOS easily.
NixOS Desktop
-
Etcher is an open source, cross-platform software that makes it easy to flash operating system images to a microSD card or USB device.
-
nixos-generators is a NixOS config and build multiple different images types including VirtualBox VMs, Azure images, and installation ISOs.
-
nixos-up is a super easy NixOS installer that can be used from the installation ISO.
NixOS Desktop with the new Calamares Installer
Contribute
- If would you like to contribute to this guide simply make a Pull Request.
License
Distributed under the Creative Commons Attribution 4.0 International (CC BY 4.0) Public License.