Bug#371135: [Pkg-cryptsetup-devel] Bug#371135: encrypted swap with variable key fails

Andrew Pimlott andrew at pimlott.net
Tue Jun 20 21:17:41 UTC 2006


On Tue, Jun 20, 2006 at 10:10:24PM +0200, Jonas Meurer wrote:
> On 20/06/2006 Andrew Pimlott wrote:
> > I mean _if I explicitly promise so_, we should expect that.  So give me
> > some configuration directive like LuksOnly that I can set.
> 
> looks like overkill for me. users who use only luks don't need to
> specify that. 'cryptsetup isLuks' is run against every source device
> anyway, before invoking 'cryptsetup luksOpen'. so there should be no
> need for a LuksOnly option.

But as I understand, a randomly keyed partition can't be done with Luks
(or can it?).  So even for a user who uses Luks for all his permanent
partitions, there will still be the swap partition (or mabye a /tmp
partition) that cannot be identified.  If we had LuksOnly, we could be
confident that those partitions are disposible.

However it may still be overkill.  I would be happy enough if there were
a check for randomly keyed swap partitions that verifies that the source
device is 1) not a formatted, unencrypted volume and 2) not Luks.
That's still a good measure of safety.

Andrew




More information about the Pkg-cryptsetup-devel mailing list