Solus OS Basic Security Guide for New Users

h3ll rkhunter, clamav, and timeshift are not in the deprecated package list, which would indicate that they've never been included in the Solua repository. Furthermore, I remember requests for Clam's inclusion being rejected at least once many years ago on the old issue tracker. Timeshift has also been requested several times over the years, but has always been blocked from inclusion due to its reliance on crontab, which Solus also doesn't have. What do you mean exactly by "Old Solus"?

I'm not really sure what's going on in this thread at this point, but I would like to remind everyone to be respectful. This has already gone a bit off the rails.

Some corrections/questions:

h3ll Nope, this is correct and you can set timeshift with systemd i tested myself and i don't use any LLM. My LLM is DeepSeek with a custom prompt for unrestricted/uncensored results and provides all correct answers only.

So are you using an LLM or not? I'm confused, is this a joke?

h3ll New solus has removed it from package manager:
sudo eopkg install clamav rkhunter

As people have said (and now even your edited post alludes to), this command won't work because those packages aren't, and never were, part of the repository.

h3ll VPN recommendations:
WireGuard (built-in kernel support)
OpenVPN (Disable with sudo systemctl disable openvpn.service)

So do you recommend OpenVPN, or do you want people to disable it? ^^

h3ll sudo eopkg check | grep -q "broken" && timeshift --restore

This'll always fail, since grep is case-sensitive and the actual text is "Broken" with a capital B. Also I'm not sure it's a good idea to restore a backup for any "Broken" package, because most of the time that's not harmful at all, but then again I don't know how timeshift works exactly.

h3ll Synthesized meaning - Though i rewored some words and added some few or extra steps/options. To make it fit solus and before posting all commands work and excellently running on my pc.

FYI Your link doesn't work unless one is logged into kagi. In any case: Clearly you didn't run many of the commands, as they don't work (see above)

hakimjonas So because something I never heard about before (mulvad) wants YOU to drop openvpn it means that I should disable openvpn ?

I was pretty sure that Mullvad (which I use) does not preclude the use of OpenVPN, so I asked Grok about that:

"Yes, Mullvad does use OpenVPN. It supports OpenVPN as one of its VPN protocols, alongside WireGuard. Mullvad provides configuration files and settings for OpenVPN in its client software, allowing users to connect to its servers using this protocol. OpenVPN is known for its strong security and flexibility, which aligns with Mullvad’s focus on privacy. However, Mullvad also encourages the use of WireGuard for its speed and modern design, but OpenVPN remains fully supported for those who prefer it.
So, to sum up: Yes, Mullvad uses OpenVPN as an option for securing your connection to its VPN servers."

WetGeek OK but my point was that OP posted this as:

"a concise security guide for new Solus users..."

And then precedes to recommend disabling openvpn even though this is a widely used tool. And the reason seem to be mostly about this other payed vpn service.

What ever they recommend might be correct for them but I don't see how this fits into a general guide for Solus users. But please enlighten me, I have been known to be wrong in the past.

@h3ll It's not that I totally disagree but perhaps its a bit too opinionated. Again I might be wrong but I don't think inactive services present a very serious risk.

And you are probably correct in recommending wireguard but you have to understand that openvpn is not deprecated and is in fact used by many people and companies.

I for one have to use it, and actually want to suggest adding openvpn3 to eopkg - just haven't found time to learn how to correctly suggest that.

hakimjonas I for one have to use it, and actually want to suggest adding openvpn3 to eopkg - just haven't found time to learn how to correctly suggest that.

You're welcome to create a request for openvpn3 to be added

TraceyC thank you I will - I just got a bit intimidated by the process, is it OK to make such a request without volunteering to be the maintainer? - Not that I absolutely wont do that - it would just be new for me.

Here is the ticket:

https://github.com/getsolus/packages/issues/5195

BTW. I did manage to build it from source but had to build one dependency first and I had to disable logging with abseil during building because I was unable to make that play nice.

h3ll Clearly you didn't test

What are you replying to here? Didn't test what? Your clamav and rkhunter installation commands obviously didn't work, because those packages aren't part of the repository. I see you've now removed that part of your instructions, good.

For good measure, let's test your previous instructions again:

 sudo eopkg install clamav rkhunter                         
[sudo] password for thomas:
System error. Program terminated.
Repo item clamav not found

What a surprise!

h3ll Rkhunter (Rootkit Hunter) was previously available but removed from Solus' package manager in April 2025

Wrong. Your LLM seems to be confused. It's not even April 2025 yet, and it was NEVER part of the repository.

h3ll Yes, as i said in the post, clearly didnt read

In one place of your post you recommended it, in the other you told people to disable it. The problem is that I did read your post (which I regret more and more).

h3ll You can now use kagi without a account, as they recently posted their changelogs about that and everything

That's cool and all, but your initial link didn't work anyway. The new one does though.

I gotta say, I don't appreciate being accused of "not testing" and "not reading", when it seems to be you that doesn't test shit and just dumps output from some generative AI here.