Hi guys.
I am a bit lost with kernels, and not sure I understand them all perfectly.
I hope there is a CachyOS kernel that is hardened, LTS (these are the main 2 points) and hopefully optimized by CachyOS for speed and performance. Are there any? Which are which? I hope it is both hardened and LTS. Thanks a lot.
According to this list, no. There’s cachyos-lts and cachy-hardened, but not both.
There’s a link in that article where you can suggest other kernel configurations, so make a request there 
Thank you @Matthew_Dee
Though I really wish to see an LTS, Hardened and CachyOS tweaked.
I saw some: 45 aur/linux-hardened-lts-docs 6.6.65.hardened1-1 [+0 ~0.00] [Out-of-date: 2025-03-20]
Documentation for the Security-Hardened Linux LTS kernel
46 aur/linux-hardened-lts-headers 6.6.65.hardened1-1 [+0 ~0.00] [Out-of-date: 2025-03-20]
Headers and scripts for building modules for the Security-Hardened Linux LTS kernel
47 aur/usbctl-git 1.1.r2.gf911f27-1 [+0 ~0.00]
Linux-hardened deny_new_usb control
:: Packages to install (eg: 1 2 3, 1-3):
But unfortunately out of date. I hope they get updated.
LTS is just a specific kernel version specified by linux. You can configure LTS in any manner, but that list explains that cachyos has minimal patches for LTS. It could be zero patches too. So most distros only ship the latest LTS and it has no realistic impact on expected optimization or hardening. What’s more important for actual LTS systems is what libc and compiler version gets used, because that defines the upper and lower dependency bounds.
I just wonder why LTS is not hardened! I know, I am so ambitious or a dreamer perhaps, or maybe technically it is not worth it or LTS by nature is already hardened “sort of”. Can LTS be considered hardened somehow? OR better use the Hardened kernel if I care about security?
NO.
LTS is like Debian, small changes so it can be (stay) stable, nothing related with hardened patchs