You are not currently logged in. If you do not have a user account then please consider creating one and logging in before you post your comment. This will allow you to track replies to your comment, and take part in the site much more freely.

To add your comment, fill in all the boxes below and then preview it to make sure you're happy with the way that it looks.

This is the comment you were replying to, attached to the article System encryption on Debian Etch:

#2 Re: System encryption on Debian Etch Posted by goeb (84.184.xx.xx) on Mon 14 Aug 2006 at 23:46 There are some reasons I did not use /dev/random as key for the swap partition, the main reason is that with a static key you may be able to use suspend to disk, which will obviously not work with a random key. I have not tested it but it should be possible (and maybe not even too difficult to implement). And as mentioned in the article using the swap option caused an error on two test systems (one was VMware, the other one my Laptop) and no swap partition at all was available. This could be an error in combination with the luks option, in fact, I used the /dev/random as key on an encrypted Sarge system and it worked (there's no luks in Sarge available). Regarding LVM: I currently do not need it, but looking at what you wrote it seems to be easy to setup. initramfs-tools should support encryption not only in unstable, also in testing, since partman-crypto is an official part of the Etch Beta 3 installer and allows you to encrypt your partitions during the installation. This should also work with LVM. yaird should support encrypted LVMs, too. But both require encrypted partitions/LVM before the initramfs is created. And with yaird it is not sufficient to create the entries in fstab and crypttab, the mapper devices actually must exist for yaird to configure it. And, of course, isn't it much more fun to do this manually :-)

Inappropriate comments will be removed.

Username:

Password:

[ Advanced Login ]

Register Account