[Pkg-cryptsetup-devel] Bug#371135: encrypted swap with variable key fails
Andrew Pimlott
andrew at pimlott.net
Mon Jun 19 16:19:24 UTC 2006

As a non-expert in cryptsetup who just wants his swap space back, let me
see if I understand the problem.

Automatically formatting a swap partition is a destructive operation, so
all reasonable checks should be made before doing it. It is currently
not possible to positively identify a swap partition encrypted with a
random key; nor is it possible to negatively identify a partition as not
encrypted (with some unknown key). This gives me two ideas:

1. Create a marking for partitions to be encrypted with a random key,
   allowing for the positive identification above. Perhaps this should
   be part of LUKS.

2. If I use LUKS for all encrypted filesystems, I believe it is
   possible to perform the negative identification above. That is, if
   I don't see the LUKS header, and the partition does not have an
   unencrypted volume, then it is safe to destroy. So let me promise
   that I have no non-LUKS encrypted filesystems.

It would be a shame to require extra configuration for encrypted swap
with a random key, as this is a commonly recommended setup.
Furthermore, it is not "fundamentally dangerous"; the only reason it is
dangerous today is that we don't mark partitions clearly enough, and
that could change. So we should be able to find a solution.

On the other hand, I'm glad you guys are so concerned with the safety of
my data!

Andrew
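
The negative identification from idea 2, sketched as an added example (not part of the original message and not cryptsetup's code): refuse to format when a LUKS header or a known unencrypted signature is present, and otherwise proceed only if the administrator has promised that all encrypted volumes use LUKS. The function names and the `only_luks_promise` flag are hypothetical, the test images are constructed, and only LUKS, Linux swap and ext2/3/4 signatures are checked, where a real check would cover every format the system can recognise.

```python
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"                  # LUKS header magic at offset 0
SWAP_MAGICS = (b"SWAPSPACE2", b"SWAP-SPACE")  # last 10 bytes of the first page
EXT_MAGIC_AT = 1024 + 56                      # s_magic field of the ext2/3/4 superblock
PAGE_SIZES = (4096, 8192, 16384, 65536)       # page sizes to try for the swap signature


def classify(head: bytes) -> str:
    """Return 'luks', 'swap', 'ext' or 'unknown' for the first bytes of a partition."""
    if head[:6] == LUKS_MAGIC:
        return "luks"
    if any(head[p - 10:p] in SWAP_MAGICS for p in PAGE_SIZES):
        return "swap"
    if head[EXT_MAGIC_AT:EXT_MAGIC_AT + 2] == struct.pack("<H", 0xEF53):
        return "ext"
    return "unknown"


def may_format(head: bytes, only_luks_promise: bool) -> bool:
    """Allow formatting only when nothing is recognised and the admin has
    promised that every encrypted volume on the system uses LUKS."""
    return classify(head) == "unknown" and only_luks_promise


def sample(kind: str) -> bytes:
    """Constructed 8 KiB test images; the filler stands in for ciphertext."""
    buf = bytearray((i * 197 + 13) % 256 for i in range(8192))
    if kind == "luks":
        buf[:6] = LUKS_MAGIC
    elif kind == "swap":
        buf[4086:4096] = b"SWAPSPACE2"
    elif kind == "ext":
        buf[EXT_MAGIC_AT:EXT_MAGIC_AT + 2] = struct.pack("<H", 0xEF53)
    return bytes(buf)


if __name__ == "__main__":
    for kind in ("luks", "swap", "ext", "random-key"):
        head = sample(kind)
        print(f"{kind:10} -> {classify(head):8} format with promise: {may_format(head, True)}")
```

A partition that held random-key swap on the previous boot looks like the "random-key" case: no signature survives, so without the promise it cannot be told apart from a non-LUKS encrypted volume and is left alone.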