Encrypting swap
Konstantin Svist
fry.kun at gmail.com
Thu May 3 19:52:39 UTC 2012
On 05/03/2012 12:04 PM, Heinz Diehl wrote:
> On 03.05.2012, Konstantin Svist wrote:
>
>> Problem is, I can't seem to find a way to encrypt the swap so that it would
>> be usable for hibernation.
> Have you looked at "luksSuspend" and "luksResume"?
I've only seen them as crytsetup options.. I'll google for those..
>> I'm not sure if the "same key" problem exists in Fedora 16, I've tried
>> setting it up this way and I'm able to boot but not resume.
> Simply, you can't suspend the device which contains the cryptsetup
> binary.
That's silly. Grub loads initramfs from an unencrypted /boot partition;
initramfs knows about encryption and is able to mount root after I enter
my key. There should be no technical reason why it can't mount the swap
with the same key immediately after and tell kernel to resume from the
now-available swap.
More information about the users
mailing list