From 8a2a2d40679aefd618dbb77adb7eab2c8b0ac54c Mon Sep 17 00:00:00 2001 From: Aminda Suomalainen Date: Sat, 10 Aug 2024 09:45:39 +0300 Subject: [PATCH] n/essentialsoftware.md: note Arch microcode update flow --- n/essentialsoftware.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/n/essentialsoftware.md b/n/essentialsoftware.md index 4b91005..14ab8de 100644 --- a/n/essentialsoftware.md +++ b/n/essentialsoftware.md @@ -38,7 +38,9 @@ _{{ page.excerpt }}_ - `microcode` - propietary, but otherwise CPU holes are going to be gaping open. Refer to `tail -n +1 /sys/devices/system/cpu/vulnerabilities/*` - Debian calls this as `amd64-microcode` or `intel-microcode` - - Arch knows them as `amd-ucode` or `intel-ucode` + - Arch knows them as `amd-ucode` or `intel-ucode` and won't load it for you, + you will have to `initrd /intel-ucode.img` yourself instantly after `linux` + and before `initrd /initramfs-linux-lts.img`... - `ufw` for Deb-based or `firewalld` on Fedora (and Kali and Arch Linux, if you so choose in the last) - `sshguard` for mitigating shared systems where others refuse to use keys