Calamares 3.1.1 is out, so it is time to look to the future of Calamares and the features the next version will bring. This plan looks forward for the next three months, which covers releases 3.1.2 (minor fixes) and 3.2.

The expired SSL certificate for calamares.io (this website) has been replaced by a Lets Encrypt certificate. I am also setting up certbot to automatically renew the certificate – that should have been done earlier. No systems were affected during this time, only visitors to the website.

The SSL certificate for calamares.io (this website) has expired. It was valid to 2017-07-16 (July 16th, 2017). Due to, well, human nature, I didn’t think to renew the certificate until I was halfway up a mountain in Spain. The view is great, but connectivity not so much. The certificate-is-expired situation is expected to last no more than two weeks, but until then SSL certificate warnings will be the norm. I’d also suggest not downloading things from a site with an expired SSL certificate. Use the Github releases page to obtain tarballs instead.

Systems installed by Calamares up to and including Calamares 3.1 have a weaker password salt than they should. This weakness is important if an attacker has a way to obtain the password hash. The Calamares team believes that installed systems should be as secure as possible, and therefore considers this weakness important.

Users are advised to reset their password on installed systems by using the password(1) utility, which will provide a stronger salt and hence a better password hash. This applies to all user accounts created during the installation of the system: the user’s own account and to the root account, if the root account has a password.