Bug#371135: [Pkg-cryptsetup-devel] Bug#371135: encrypted swap with
variable key fails
Andrew Pimlott
andrew at pimlott.net
Sun Jun 25 22:17:27 UTC 2006
On Sun, Jun 25, 2006 at 04:13:20PM +0200, Jonas Meurer wrote:
> On 21/06/2006 Andrew Pimlott wrote:
> > True, but this can't be configured in crypttab, which makes it
> > effectively unavailable. Moreover, it wouldn't provide much additional
> > safety. Presumably, a hypothetical "luksrandom" keyword in crypttab
> > would mean: check that it's a luks partition, than re-luksFormat and
> > luksOpen with the same random key.
>
> do you see any advantages in providing this? i don't like the idea of
> invoking luksFormat automatically in any case.
No, just thinking out loud.
> > Cool. So you would special case a key of /dev/*random, and perform only
> > those two checks? In other words, would my existing configuration
> >
> > swap /dev/hda2 /dev/urandom swap
> >
> > start working again? That sounds like a nice resolution.
>
> that's the plan.
Wonderful. Thank you.
Andrew
More information about the Pkg-cryptsetup-devel
mailing list