meta_title: Find RHEL Version on Shell, EC2, and Containers Today meta_description: Learn how to find your RHEL version in shell, EC2, and containers using the most reliable commands, with pitfalls, legacy methods, and automation tips. reading_time: 7 minutes
You're usually looking up a RHEL version for a reason. A package won't install, a security advisory mentions a specific minor release, or you're staring at an EC2 instance that nobody documented properly. In all of those cases, guessing from the kernel string or from an old AMI name wastes time fast. Red Hat Enterprise Linux matters in real infrastructure, and RHEL holds approximately 43.1% of the enterprise Linux server market in 2025 according to these market share figures discussed here, so this isn't an edge case.
If you're checking versions because patching is on the table, this practical patch management guide for businesses is worth reading alongside your inventory work. It helps connect version discovery to the core operational question, which is whether a given system is still aligned with your maintenance process.
Stop paying for idle resources. Server Scheduler automatically turns off your non-production servers when you're not using them.
Whether you're patching a critical vulnerability, sorting out a broken dependency, or auditing a mixed fleet, the exact RHEL version is the starting point. The major version tells you the broad platform generation. The minor version often decides whether a package, repository, hardening baseline, or vendor support statement applies.
That's why the best approach isn't “know a command.” It's knowing which command still works in the environment you're standing in. A long-lived VM over SSH behaves differently from an AWS instance viewed in the console, and both differ from a stripped-down container image where common files may be missing or altered.
The right answer isn't always the shortest command. It's the command that survives real-world environments without misleading you.
You log into a host during an outage and need the answer fast. On a normal RHEL VM or bare-metal server, the best command for that job is still /etc/os-release.

Best-for-most command
cat /etc/os-release
This file is the right default on modern RHEL because it reports the distribution release directly. You get the OS version without trying to map a kernel build back to a RHEL release, which is where people waste time.
A typical output includes NAME, VERSION, ID, VERSION_ID, and PRETTY_NAME. For quick human checks, PRETTY_NAME is usually enough. For scripts, parse VERSION_ID first.
That recommendation holds up well across the environments admins deal with. On bare metal and standard VMs, /etc/os-release is usually present and accurate. On EC2, it works the same way once you have shell access. Inside containers, you need to be more careful, because the file describes the container image, not necessarily the underlying host OS. That distinction matters if you are troubleshooting package compatibility inside the container versus support status on the node running it.
Here's the practical read on the common fields:
| Field | What it tells you | Why it matters |
|---|---|---|
NAME |
Distribution name | Confirms the OS family |
VERSION |
Human-readable version | Good for a quick check in a terminal |
VERSION_ID |
Machine-friendly version value | Best choice for scripts and automation |
PRETTY_NAME |
Full display string | Useful in tickets, reports, and screenshots |
If I am writing automation, I avoid scraping free-form text and go straight to VERSION_ID. It is simpler, easier to test, and less likely to break across images. If you want a broader shell reference while working through host checks, keep this Bash commands cheat sheet for common admin tasks handy.
A quick walkthrough helps if you want to see the output in context:
You get paged for a package failure, log into a host, and the first question is simple: what RHEL release is this thing running? The answer depends less on the command than on where you are standing. A bare-metal server, an EC2 instance, and a container can all report version data differently, and the wrong check leads to bad assumptions fast.
As a general rule, the best default is still the same. If you have shell access, read /etc/os-release first. It is the fastest path on physical servers, standard VMs, and EC2 guests. I only switch methods when the environment blocks that check or when I need to confirm whether I am looking at the guest OS, the image, or the host underneath it.
On a normal server or VM, version detection is straightforward. Run the check on the host and trust the host result.
cat /etc/os-release
That works well in day-to-day admin work because it reports the installed distribution, not just the running kernel. On remote SSH sessions, this is still the first command to run before patching, registering the system, or checking support eligibility.
On EC2, the command inside the guest stays the same. The difference is operational. Sometimes you do not have shell access yet, or the instance is stuck in a state where console metadata is the only thing available.
The EC2 console can help in that case. In the instance details pane, the Platform details field often shows the OS family and version that AWS has associated with the instance.
bad image error on EC2 guide.
Practical rule: if you can log in, trust the guest OS. If you cannot, use the EC2 console to narrow the search before you spend time on the wrong AMI or the wrong support path.
AWS also states that publicly supported RHEL versions are available on Amazon EC2, with version and AMI guidance in the Red Hat on AWS FAQ.
Containers need a different mindset. Inside a container, /etc/os-release describes the container image. It does not tell you what RHEL version the Kubernetes node, ECS host, or Docker host is running. That distinction matters if you are debugging package behavior inside the image versus host-level support or kernel issues.
Start with the container filesystem if your question is image-specific:
cat /etc/os-release
If the image is stripped down and that file is missing, try the package metadata instead:
rpm -q redhat-release
That fallback is useful on many RPM-based images, but not all of them. Some minimal or distroless-style builds remove enough userland that neither method helps much. At that point, the reliable answer usually comes from the image tag, the Dockerfile or Containerfile, or your CI pipeline records. For containers, "what is this running on?" and "what was this image built from?" are often two different questions.
Legacy hosts are where version checks get messy fast. On a bare metal RHEL 6 box, cat /etc/redhat-release is often good enough for a quick read. In an old EC2 instance with years of patching behind it, I still verify with a second command before I trust what I see. In a container, these legacy methods may tell you little or nothing useful because the image may not even include the expected files or packages.
The common mistake is treating the kernel release as the OS release.
uname -r
That command shows the running kernel. Use it for driver issues, kernel module checks, live patch validation, and confirming that a reboot loaded the expected kernel. It does not map cleanly to a RHEL minor version, especially on systems with backported fixes or custom kernels.
cat /etc/redhat-release remains a practical fallback on older RHEL systems, but I treat it as a clue, not proof. On legacy estates, I have seen customized images, stale release files, and parsing logic that assumes a format the host no longer follows. lsb_release -a can help as a cross-check if the package is installed, but many older servers do not have it.
| Command | Best For | Potential Issues |
|---|---|---|
cat /etc/os-release |
Modern RHEL systems | Often absent on older releases or stripped images |
cat /etc/redhat-release |
Older systems, quick manual check | Format can vary, and local customization happens |
lsb_release -a |
Cross-checking when installed | Commonly missing by default |
uname -r |
Kernel verification | Reports kernel only, not the distro release |
For mixed estates, my best-for-most recommendation is simple. Use the guest OS release files to identify RHEL. Use uname -r only when your question is specifically about the running kernel. That avoids the usual support case where someone reports an 8.x kernel and assumes the host is running RHEL 8.
If you're building shell checks that need to run across old servers and newer images, this guide for running .sh scripts reliably across hosts is worth keeping nearby. A surprising number of version-detection failures come from shell compatibility problems, missing utilities, or bad quoting rather than the version commands themselves.
Use the distribution version for support status, repository alignment, package compatibility, and release-specific documentation. Use the kernel version for boot-state validation, kernel debugging, hardware enablement, and module compatibility.
They answer different questions. On older RHEL systems, keeping those two checks separate saves time and avoids bad assumptions.
If lsb_release returns “command not found,” install the package that provides it for your environment, or skip it and go back to /etc/os-release. If outputs look customized or incomplete, check a second source instead of forcing a guess.

For automation, I'd use a small fallback chain:
cat /etc/os-releasefirst, thenrpm -q redhat-release, thencat /etc/redhat-release, and only after that consideruname -rfor kernel-only reporting.
If your script starts failing on basic reads or package queries, permissions may be the actual issue. This Errno 13 permission denied guide is a useful sanity check before you blame the version logic.
Version detection gets more useful once it feeds automation instead of a one-off terminal check. On bare metal, that usually means patching and compliance jobs. In EC2, it often drives image validation and lifecycle tasks. In containers, the better choice is often to validate the base image at build time instead of trusting runtime checks inside a minimal shell.
The best next step is to add the same fallback chain from this article to a central job runner, then branch tasks based on what the host is. A good reference for building those flows is this workflow orchestration guide. For storage-focused Ansible work, Bridge IT Solutions' HPE Nimble Storage guide shows the kind of automation that benefits from accurate system discovery.
If you want to move from one-off checks to predictable cloud operations, Server Scheduler helps teams automate start, stop, resize, and reboot schedules for AWS infrastructure without maintaining custom scripts.