-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey Rodolfo,
any news regarding the questions below? Otherwise I would like to close this bugreport. Regards, jonas Am 22.04.2012 13:07, schrieb Jonas Meurer: > Hey Rodolfo, > > Am 21.04.2012 17:26, schrieb Rodolfo GarcÃÂa Peñas: >> the cryptroot initramfs hook script searches for resume devices >> in the following files. Please send the content of all of them: > >> /etc/uswsusp.conf > >>> The important part is: > >>> resume device = /dev/dm-1 > > mh, I've no idea how uswusp detects the resume device, but > apparently there's something wrong. did you try 'dpkg-reconfigure > uswsusp' yet? maybe /dev/dm-1 was correct in the past, and your > setup changed in the meantime? > >> /etc/initramfs-tools/conf.d/resume > >>> Is here :-) > >>> RESUME=UUID=81c6f99f-d571-497c-a6db-759f4beb0b2d > > all right, that's the reason why cryptroot initramfs hook detects > a second resume device. I've a gut feeling that something's wrong > with your setup. > > what's the content of this file after 'dpkg-reconfigure > initramfs-tools'? > > And more importantly: you have 'luks,swap' as options to your > encrypted swap device in /etc/crypttab, right? The option 'swap' > results in cryptdisks scripts running 'mkswap' over the device on > every boot. This is not required and indeed wrong for your setup. > > In general, you've two options for encrypted swap: > > 1/ use a random key (e.g. /dev/urandom) for decryption, and > recreate the swap partition on every boot. this is what the 'swap' > option in crypttab(5) is for. it has the advantage of more > security, but doesn't support resume from this device - as there's > no consistent encryption key and as a result no way to restore the > suspend image for resume. > > 2/ use a consistent key for decryption. this is required for > suspend/ resume functions. and this is what you're using. in that > case you don't need to rerun 'mkswap' over the unlocked crypto-swap > every time. as a result, the 'swap' option to crypttab(5) is not > needed in that case. > > I suggest that you read sections 8 & 9 of the cryptroot initramfs > documentation in /usr/share/doc/cryptsetup/README.initramfs.gz. > > I'm still curious whether there's a real bug in the package, or > whether this is merely a setup issue on your side. Thus it would > be great if you could answer my questions above. > > Regards, jonas > > > > _______________________________________________ > pkg-cryptsetup-devel mailing list > [email protected] > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-cryptsetup-devel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJP0bx/AAoJEFJi5/9JEEn++nAP/R9GBT2K/IV9fJU12i9bDxua 7EFpNBWlPtvdwiMPof4ACALJxMAUQzP20aj5amSTN358T07Xpn7ieHKkmipyttgU U9mjTkjAdY47anIDr5iP20mPykS9iVPP4RK23Co34Mgbivi9yY/DmVbPWK8RVVeW z1ajreCuZKJNEBhphKVTvFjSs4KPfqVhZ6qMi5g1MNaItU6Y95E0+4lN7RQyCUaV 6zWv9F/U0nMmo94009sL/hv/k4b0NJNZLFQoZPmaHH2g9w6Q7xymB5Xaef1FHtMZ 6UrEJyCWByKxELUIAdNwADu+26YY/JKKgDNnt6Ugq2lgKCQleN6R0C5B/ggUKpHA cZyeNpMHd38M1BzYUZDJlOFIL9yeOjocoDnaRcjKnKgok7M/xe+zX09s+mqdBbVC /rapgqM/3UKK1NmMz/Lci8znem409sEEF0udCZXAOXtOQ78ABqh8H5ddunR9XzqA OQ11eTerCGk083STcQpBghRn8F1qHC0SKVFTiQiZXY/2LV+wcIFzOLw4tqzTUDnK rJFy16/Vo9cWC+j2iwb0t4CxhDJu+GQwyas6nBNpZp3kERbWemkdKn/KJ0nXfJr0 Wy1P3C+SVZ/QIDKEIgxpCcuN+pPLQqK+yl4xNmuqDBH9NMkOiDw+l/Z7cSA2ehDs IkIlPBxuyMawPDBFI319 =EsvX -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

