On Mon, 2008-04-14 at 10:04 +0200, Jérémy Bobbio wrote: > On Sun, Apr 13, 2008 at 11:09:38AM +0100, Sam Morris wrote: > > Alternatively, if there is another way to set up encrypted swap so that > > I can hibernate to it, I would love to hear it. :) > > The setup done by the debian-installer when using guided partitioning > with "encrypted LVM" is fully able to hibernate. > > The layout is the following: > * There is only two physical partitions on your hard drive, > a small unencrypted one for /boot, and the rest of the disk is > all in an encrypted partition. > * Use this encrypted partition as an LVM physical volume. > * Then setup a LVM volume group with at least two logical volumes: one > for / and one for the swap. > > When entering the passphrase during the boot sequence, you will be > unlocking both the root filesystem and the swap at the same time and > hibernation works fine. :)
Oh, sure, but I didn't want to put / on an encrypted volume, hence the current setup. :) I did some looking into this. It seems like it might be possible to modify the 'cryptroot' script so that it checks to see if KEYSCRIPT = /lib/cryptsetup/scripts/decrypt_derived, and if so, also include the mapping from crypttab defined in the encrypted volume's 'source' field. I haven't had a chance to work on a patch yet... but if you think this is a sane idea then I'll do it. > > Cheers, -- Sam Morris <[EMAIL PROTECTED]>
