[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: recovering from compromised keys

On Thu, Sep 23, 2010 at 03:13:06PM +0100, Simon McVittie wrote:
> By policy, we use full-disk encryption at my workplace (where full-disk
> really means "except the bootloader and /boot"). For a 2-year-old recipe for
> it, which I believe still mostly works with grub2, see
> http://smcv.pseudorandom.co.uk/2008/09/cryptroot/

Can we maintain suspend/resume type-features with such configuration?

Unless we use unencrypted swap, it seems we have to give up
suspend/resume.  Then we a bit of loose security ....

How people cope with this on laptop ... I am curious.


Reply to: