Bug#397887: [Pkg-cryptsetup-devel] Bug#397887: resume support renders system unbootable

David Härdeman david at hardeman.nu
Sun Nov 12 16:45:41 CET 2006

On Sat, Nov 11, 2006 at 05:52:35PM +0100, martin f krafft wrote:
>also sprach David Härdeman <david at hardeman.nu> [2006.11.11.1239 +0100]:
>> cryptswap /dev/hda2 cryptroot 
>> keyscript=/root/decrypt_derived,hash=sha256,size=256,cipher=aes-cbc-essiv:sha256
>So how do I initialise /dev/hda2 for this to work? Am I expected to
>run the decrypt_derived script and take the output as keyphrase?

If the encrypted swap partition is already setup, remove it with 
"swapoff -a; cryptsetup remove <cryptswap>"

Then, provided that the swap entry is configured in /etc/crypttab, run 
"/etc/init.d/cryptdisks start" and it'll do the setup for you.

After that you'll need to run mkswap on the newly created 
/dev/mapper/<cryptswap> device and swapon -a again.

After this is done you should have an encrypted swap up an running again 
(but based on the derived key), so regenerate the initramfs image and 
see whether it is now able to setup the swap device during the initramfs 
stage of the boot.

David Härdeman

More information about the Pkg-cryptsetup-devel mailing list