KernelCare Agent v3: Upgrade Now for Signed Patch Security
·1 min
I wrote this second KernelCare piece for TuxCare as the mid-December switchover actually landed. Where the launch post introduced Agent v3, this one is the timely nudge: signed patches are becoming the default now, and anyone still on v2 needs to move before their patch stream stops.
Originally published on TuxCare Read the full article →A few things I wanted people to walk away with:
- Signed patches are the default going forward. Both formats coexisted for a while, but with the switch, older agents simply stop receiving patches.
- Waiting creates avoidable risk. Systems on v2 or earlier will have coverage gaps and end up doing the upgrade under time pressure instead of on their own schedule.
- The upgrade path is the same as always. One command for most systems, a single reboot on Secure Boot hosts to register the certificate, and ePortal 2.20+ for enterprise customers.
If you upgraded early after the launch, you’re set; if not, this was the reminder to close the gap before it opened.