[Pkg-cryptsetup-devel] Bug#382280: maybe user-space?
martin f krafft
madduck at debian.org
Sun Aug 13 17:45:05 UTC 2006
also sprach martin f krafft <madduck at debian.org> [2006.08.13.1805 +0100]:
> thinking about this some more, maybe this issue can only be solved
> if suspend first disables swap and dm-crypt, then suspends to the
> raw block device, then after resume restores a new swap with a new
> random key.
... in which case the suspend data would not be encrypted, which is
BAD. disregard my suggestion.
instead, how about dumping the (random) key to the initramfs and
encrypting it with a symmetric one determined by the user? or if the
swap is encrypted with luks, just add a new key on suspend and
remove it after resume.
question is how to get that symmetric key from the user...
--
Please do not send copies of list mail to me; I read the list!
.''`. martin f. krafft <madduck at debian.org>
: :' : proud Debian developer and author: http://debiansystem.info
`. `'`
`- Debian - when you have better things to do than fixing a system
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature (GPG/PGP)
Url : http://lists.alioth.debian.org/pipermail/pkg-cryptsetup-devel/attachments/20060813/1ab8d2e6/attachment.pgp
More information about the Pkg-cryptsetup-devel
mailing list