
Bug#296464: initrd-tools: Asks for a password phrase for crypted disks with random keys



On Wed, Feb 23, 2005 at 09:55:16AM +0100, Carsten Grohmann wrote:
> The crypt device initialized by the initrd will not be processed
> by /etc/init.d/cryptdisk. This often is OK. But in combination with
> crypted swap devices with random pass phrases, the device has to be
> processed by cryptdisk to create a new swap signature and add it as swap
> space.

Ahh, now I understand.
You enter a bogus password, but the initrd still configures the swap device.
Then, during bootup cryptdisks passes over the swap b/c it is already
configured and does not run mkswap. swapon -a then fails b/c the swap
signature is missing.

> Best solution IMHO: Don't let the initrd initialize crypted swap devices

This is needed for software suspend...

> and also all devices with pass phrases from /dev/random
> and /dev/urandom.

This makes good sense.

So, what seems best to me is to disable configuration of swap when the
crypttab specifies /dev/*random for the key or the 'swap' option. This
breaks software suspend, but with a random key that's not possible anyways.

-- 
Wesley W. Terpstra
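
The rule proposed in the last paragraph of the message above, as an added example (not part of the original e-mail and not initrd-tools code): a shell filter that reads crypttab lines and lists only the targets an initrd would still configure. The function names and the sample crypttab are hypothetical; the four-column layout (target, source device, key file, options) is assumed.

```shell
#!/bin/sh
# Added example: decide which crypttab entries the initrd should leave
# to /etc/init.d/cryptdisks. All function names are hypothetical.

# Return 0 (skip in initrd) when the key file is /dev/*random
# or the option list contains 'swap'.
skip_in_initrd() {
    key=$1
    opts=$2
    case "$key" in
        /dev/*random) return 0 ;;      # /dev/random, /dev/urandom
    esac
    # Options are comma-separated; match 'swap' only as a whole item.
    case ",$opts," in
        *,swap,*) return 0 ;;
    esac
    return 1
}

# Read crypttab text on stdin; print the targets the initrd may set up.
initrd_targets() {
    while read -r target source key opts _rest; do
        case "$target" in
            ''|'#'*) continue ;;       # blank line or comment
        esac
        if skip_in_initrd "$key" "$opts"; then
            continue                   # left for cryptdisks + mkswap
        fi
        printf '%s\n' "$target"
    done
}

# Constructed sample crypttab (not taken from the bug report).
sample_crypttab() {
    cat <<'EOF'
# <target> <source device> <key file> <options>
cswap   /dev/hda2   /dev/urandom   swap
ctmp    /dev/hda3   /dev/random    tmp
croot   /dev/hda5   none           cipher=aes
cswap2  /dev/hda6   none           cipher=aes,swap
EOF
}

sample_crypttab | initrd_targets
```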


