Bug#954200: DI encrypted LVM, discard option crypttab file
Package: debian-installer
Version: debian-10.3.0-amd64-netinst.iso
After installing debian-10.3.0-amd64-netinst.iso with encrypted LVM, the
crypttab file is populated with the discard' option in the fourth field.
According to (1), the discard option has security implication:
"discard
Allow discard requests to be passed through the encrypted block device.
This improves performance on SSD storage but has security implications."
I would suggest that the debian-installer populates the first two
mandatory fields of '/etc/crypttab'.
1) https://www.freedesktop.org/software/systemd/man/crypttab.html
--
John Doe
Reply to: