v1.0 — Now Available for Download

LIBUX
National Linux
Distribution

A modern Linux platform engineered for governments, enterprises, cloud infrastructure, AI workloads, and critical national services. Built on Zero Trust, immutable infrastructure, and verified supply chains.

Open Source
FIPS 140-3 Ready
SBOM Included
Reproducible Builds
libux-verify — bash
$ libux-verify --system-integrity
[OK] Secure Boot: VERIFIED
[OK] TPM PCR values: MATCHED
[OK] Root filesystem: IMMUTABLE
[OK] SELinux enforcing: ACTIVE
[OK] Supply chain: VERIFIED (Sigstore)
[OK] Zero Trust policy: ENFORCED
$ _
Secure Boot
TPM + UEFI
Immutable FS
Read-only Root
Zero Trust
Always Verify
500+
Security Controls
21
Compliance Frameworks
FIPS
140-3 Ready
100%
Open Source
Core Capabilities

Engineered for Security, Built for Scale

Every layer of LIBUX is designed with security-first principles, open standards, and national-grade requirements.

Immutable OS

Read-only root filesystem with atomic updates and automatic rollback.

Zero Trust

Never trust, always verify. Continuous authentication and authorization.

TPM & Secure Boot

Hardware-rooted trust with measured boot and kernel lockdown.

FIDO2 & Passkeys

Passwordless authentication with hardware security keys and biometrics.

Supply Chain Security

Sigstore, Cosign, SBOM, SLSA, and reproducible builds throughout.

Container Native

Rootless Podman, Kubernetes, and MicroVM isolation for workloads.

Cloud Ready

Multi-cloud, hybrid, and on-premises deployment with native cloud images.

AI Infrastructure

Confidential computing and GPU isolation for secure AI workloads.

Defense-in-Depth Architecture

LIBUX implements multiple overlapping security layers from hardware trust to application isolation.

Applications & Workloads
Containers · MicroVMs · Flatpak · Sandboxing
Identity & Access Management
LibyaOne Auth · FIDO2 · Passkeys · Zero Trust Policy Engine
OS Security Layer
SELinux · AppArmor · Landlock · Auditd · eBPF · Falco
Immutable System Layer
Read-only Root · Atomic Updates · Verified Images · SBOM
Hardware Trust Anchor
Secure Boot · Measured Boot · TPM 2.0 · Hardware RoT

Built for Libya and Beyond

LIBUX serves the full spectrum of critical national infrastructure and enterprise sectors.

Government
Defense
Banking
Healthcare
Telecom
Cloud & DC
AI / HPC
Critical Infra
Smart Cities
Universities
Industrial OT
Enterprises
Zero Trust Architecture

Never Trust. Always Verify.

LIBUX implements Zero Trust at every layer — device, user, workload, and network. Continuous authentication and real-time policy evaluation ensure that access is never assumed, always earned.

Device Identity & Trust
TPM-backed device certificates, secure boot attestation
User & Workload Identity
SPIFFE/SPIRE, OIDC, SAML, Kerberos federation
Continuous Authorization
Real-time policy evaluation with risk-based scoring
Network Microsegmentation
eBPF-enforced policies, east-west traffic control
Explore Zero Trust Architecture
01Identity Claim
02Device Attestation
03Risk Assessment
04Policy Evaluation
05Access Decision
06Continuous Monitoring
LibyaOne Auth — Login Flow
Secure
👤Username / Identity
🔑Password (optional)
🔐Hardware Security Key (FIDO2)
💻Device Trust (TPM Attestation)
Zero Trust Policy Evaluation
Access Granted
LibyaOne Identity Platform

Identity at the Heart of Security

LibyaOne Auth provides a unified, hybrid identity platform supporting on-premises and cloud IAM, federation, and passwordless authentication for all government and enterprise services.

FIDO2 / WebAuthn
Smart Cards / PIV
Passkeys
OpenID Connect
SAML 2.0
LDAP / Kerberos
Explore LibyaOne Auth

Built on Proven Open-Source Technologies

No vendor lock-in. Standards-based. Community-audited.

Linux KernelSELinuxAppArmorLandlockeBPFFalcoPodmanKubernetesSigstoreCosignSBOMSLSAFIDO2PasskeysTPM 2.0OpenTelemetryPrometheusGrafanaFreeIPAKeycloakFirecrackerKata ContainersAuditd
Open Source & Community Driven

Start Building with LIBUX Today

Download the latest release, explore the documentation, or join the community shaping Libya's digital future.