Skip to content

Release 1.16.0

Choose a tag to compare

View all tags
@atweiden atweiden released this 26 Mar 02:54
· 119 commits to master since this release
1.16.0
2bbab1f

sha256sums

e5c65969c9355a3f54359bece8b9c715b698f56aede7674df766ae7c4ed9674d  voidvault-1.16.0.tar.gz

Release Notes

This release adds several new features and optimizations.

1. The --packages flag

It’s now possible to specify additional packages to install during bootstrap via the newly added --packages flag.

Because users can pass --packages "<list of space separated packages>", VV now installs less packages by default. The philosophy behind the packages installed is to reflect base-minimal with light additions to enable booting Void with FDE and obtaining an internet connection.

2. Support for multiple --repository flags

Users can now pass the --repository flag more than once. This can be used in combination with --packages for installing custom templates residing in a local repo on disk, e.g.

# build binpkgs elsewhere then transfer to live installer
voidvault \
  --packages="my-custom-template my-other-custom-template" \
  --repository=/home/user/voidpkgs/hostdir/binpkgs \
  --repository=https://ftp.swin.edu.au/voidlinux/current \
  --repository=https://ftp.swin.edu.au/voidlinux/current/nonfree \
  --ignore-conf-repos \
  new

3. The --enable-serial-console flag

Serial console can now be enabled in the bootstrapped system, but see #10 for caveats.

4. Btrfs: Alter checksum algorithm and compression

Replace the default crc32c checksum algorithm with xxhash.

Replace compress mount option with compress-force for additional space savings

5. Update arch-install-scripts integration to v24

Notable for fixing repetitive btrfs subvolume mount options in /etc/fstab.

6. Demote nftables log spam to info level

Nftables log spam clobbering the virtual console is now a thing of the past.

7. Modernize OpenSSH configuration

Use post-quantum key exchange algorithm (sntrup761x25519-sha512@openssh.com) in anticipation of this becoming standard in an upcoming release of OpenSSH.

ChallengeResponseAuthentication has been renamed to KbdInteractiveAuthentication.

Set MaxSessions 1 to disable SSH session multiplexing as a security measure.

Further lock down sftp with ForceCommand internal-sftp -d %u -P symlink,hardlink,fsync,rmdir,remove,rename,posix-rename.

Upcoming Features

v1.16.0 marks the last stable release before the v2.0.0 development cycle begins.

The next major version will add support for LUKS2 and 2FA.

Assets 3
Loading