Re: Encrypting swap
- From: Konstantin Svist <fry.kun@xxxxxxxxx>
- Date: Thu, 03 May 2012 13:04:36 -0700
On 05/03/2012 12:52 PM, Konstantin Svist wrote:
On 05/03/2012 12:04 PM, Heinz Diehl wrote:On 03.05.2012, Konstantin Svist wrote:
Problem is, I can't seem to find a way to encrypt the swap so that it wouldHave you looked at "luksSuspend" and "luksResume"?
be usable for hibernation.
I've only seen them as crytsetup options.. I'll google for those..
I'm not sure if the "same key" problem exists in Fedora 16, I've triedSimply, you can't suspend the device which contains the cryptsetup
setting it up this way and I'm able to boot but not resume.
That's silly. Grub loads initramfs from an unencrypted /boot partition; initramfs knows about encryption and is able to mount root after I enter my key. There should be no technical reason why it can't mount the swap with the same key immediately after and tell kernel to resume from the now-available swap.
I see now - what you said applies to luksSuspend/luksResume. I'm guessing it should probably reside on /boot or inside initramfs for that reason...
From what I can tell, these commands work for an encrypted separate partition, e.g. /home, probably not so much for the whole disk. And/or they should generally be called by other tools, abstracted from the user.
users mailing list
To unsubscribe or change subscription options:
Have a question? Ask away: http://ask.fedoraproject.org
- Prev by Date: Re: Encrypting swap
- Next by Date: Can you stack nice and ionice?
- Previous by thread: Re: Encrypting swap
- Next by thread: Re: Encrypting swap