The Goose Agent: AI Comes to the Command Line

The headline feature of this release is the introduction of goose, an open-source command-line AI agent now available in RHEL’s extensions repository. Originally developed by Block and now linked to the Agentic AI Foundation ecosystem, goose connects to multiple Model Context Protocol (MCP) servers simultaneously, functioning as a unified assistant that can traverse inventory data, system status, error logs, and configuration state — all within established safety guardrails.

Red Hat has simultaneously introduced MCP servers in preview form across three products: Red Hat Satellite (technology preview), Red Hat Enterprise Linux itself (developer preview), and Red Hat Lightspeed (developer preview). Through these servers, AI agents can securely tap into real-time Linux telemetry, allowing administrators to issue natural language commands that trigger automated, multi-step workflows rather than manually composing shell commands.

“Faster problem resolution, and a quicker path for new administrators to become proficient — this translates into higher developer productivity and accelerated project timelines.”

— Red Hat, RHEL 10.2 & 9.8 Release Statement

Both releases also ship with improved visual output in the terminal via enhanced color rendering, making it easier to parse dense command-line output at a glance — a modest but practical quality-of-life improvement for teams spending long hours in the shell.

Post-Quantum Cryptography: Preparing for a New Threat Landscape

Perhaps the most consequential long-term addition to RHEL 10.2 and 9.8 is the integration of post-quantum cryptographic algorithms approved by the U.S. National Institute of Standards and Technology (NIST). The move directly targets the growing “harvest now, decrypt later” threat model, in which adversaries collect encrypted data today intending to decrypt it once sufficiently powerful quantum computers become available.

Red Hat Certificate System 11.0, released alongside the new RHEL versions, introduces quantum-resistant signatures to help organizations align with NIST’s emerging standards. By embedding these algorithms at the OS foundation, Red Hat aims to give enterprises a durable cryptographic posture that does not require infrastructure replacement as quantum computing matures.

Gunnar Hellekson, Vice President and General Manager for Red Hat Enterprise Linux, summarized the release’s dual mission: “RHEL 10.2 and 9.8 strike a balance between the pace of AI innovation and strict enterprise security, and turn complex operational disruptions into automated and repeatable processes. By integrating post-quantum cryptography and AI-based upgrade tools, Red Hat helps customers build defences against emerging threats and scale AI workloads consistently and reliably across hybrid clouds.”

AI-Driven Upgrades via Ansible

Red Hat has also overhauled the traditionally painful in-place upgrade experience. A new RHEL upgrade system role, delivered as a Red Hat Ansible Certified Content Collection and powered by Ansible Automation Platform, adopts a “fail fast then iterate” methodology. By automating upgrade workflows end-to-end, Red Hat says this approach minimizes downtime and significantly reduces the potential for human error — freeing IT staff to focus on higher-value architecture work rather than routine maintenance windows.

— · · · —

Security Enhancements and Image Mode

RHEL 10.2 introduces a technology preview of sealed images, a feature operating through image mode that allows administrators to cryptographically sign container images, ensuring systems boot only from verified images that have been personally approved. This is particularly valuable in environments where the underlying host infrastructure cannot be fully trusted.

On the threat intelligence side, Red Hat and CrowdStrike customers gain access to over 2,300 new malware signatures, improving detection capabilities and enabling a more proactive security posture across enterprise deployments.

Image mode itself — RHEL’s container-centric approach to building, deploying, and managing the operating system — receives further refinements in this release, promoting greater consistency across physical, virtual, cloud, and edge environments while helping organizations contain operational drift.

Updated Developer Toolchains

Both RHEL 10.2 and 9.8 refresh a broad set of language runtimes and compiler toolchains, offering developers access to the latest upstream stable releases without sacrificing enterprise-grade support:

Key Software Version Updates — RHEL 10.2 & 9.8
Go1.26
LLVM21
Rust1.92
Python3.14
PHP8.4

These updates ensure that developers building on RHEL have access to modern language features, performance improvements, and the latest security patches upstream communities have delivered — all on a stable, vendor-supported platform.

Feature Highlights at a Glance

AI & Automation
Goose CLI Agent

Open-source MCP-integrated command-line assistant connecting AI to real-time Linux telemetry for natural language system management.

Security
Post-Quantum Cryptography

NIST-approved quantum-resistant algorithms integrated at the OS level, defending against harvest-now-decrypt-later attack vectors.

Operations
Automated Upgrades

New Ansible-powered RHEL upgrade system role automates in-place upgrades with a fail-fast-iterate approach to minimize downtime.

Image Mode
Sealed Images (Preview)

Cryptographically signed container images ensure systems boot only from administrator-approved, verified OS images.

Availability

Red Hat Enterprise Linux 10.2 and RHEL 9.8 are generally available today, May 20, 2026, for all active subscribers. Existing RHEL customers can access the updates through the Red Hat Customer Portal. Full release notes, migration guides, and the Red Hat developer blog post are available at redhat.com.