Bug#371135: [Pkg-cryptsetup-devel] Bug#371135: encrypted swap with
variable key fails
Jonas Meurer
jonas at freesources.org
Sun Jun 25 14:13:20 UTC 2006
On 21/06/2006 Andrew Pimlott wrote:
> > first, LUKS devices with random key are possible, you just need to store
> > the random key after luksFormat, to reuse it for luksOpen. afterwards
> > you can shred/wipe the key.
>
> True, but this can't be configured in crypttab, which makes it
> effectively unavailable. Moreover, it wouldn't provide much additional
> safety. Presumably, a hypothetical "luksrandom" keyword in crypttab
> would mean: check that it's a luks partition, than re-luksFormat and
> luksOpen with the same random key. The problem is, this would happily
> trash any normal (non-randomly-keyed) luks partition. So you really
> want an explicit marker that says "I am disposable".
do you see any advantages in providing this? i don't like the idea of
invoking luksFormat automatically in any case.
> > > However it may still be overkill. I would be happy enough if there were
> > > a check for randomly keyed swap partitions that verifies that the source
> > > device is 1) not a formatted, unencrypted volume and 2) not Luks.
> > > That's still a good measure of safety.
> >
> > yes, that's exactly what i suggested as well. in my opinion, up to now all
> > other proposed checks are compromises which have disadvantages as well.
>
> Cool. So you would special case a key of /dev/*random, and perform only
> those two checks? In other words, would my existing configuration
>
> swap /dev/hda2 /dev/urandom swap
>
> start working again? That sounds like a nice resolution.
that's the plan.
...
jonas
More information about the Pkg-cryptsetup-devel
mailing list