Re: Swap encryption (via LUKS) and Hibernation (disk suspend)

[q9u3x4c02@sneakemail.com]

On Saturday 05 May 2007 11:56, Bob Proulx wrote:
> Let me very tersely describe this process.  The first thing is to
> create a physical volume for encryption.  That enables a new option to
> configure encrypted filesystems.  Then what I think is best is to use
> lvm to manage all of the rest.  Therefore I create an lvm partition on
> the newly created encrypted partition.  That enables a new option to
> configure lvm.  Then create (at least) two logical volumes, one for
> swap and one for everything else.  Then assign all of the partitions.
> This creates both swap and filesystem partitions layered through lvm
> layered through the encrypted partition.
>
> This process enables one single encrypted partition and so a single
> LUKS password at boot time needs to be entered.  But it supports
> through lvm as many logical volumes as desired.  The Debian kernels
> and mkinitrd are configured to set up the initrd automatically with
> the layers of drivers needed to make this work out of the box.

All this was done via the Debian installer, correct?

Also, you opted to have just one real partition, where everything is encrypted 
even /boot? So I take it you use a USB dongle to boot your system initially?

Or did you mean having /boot as normal and / as encrypted via LUKS then LVM2 
on top of /, with logical partitions within the LVM2. To put it visually:
/boot (normal)
/root (LUKS) -> LVM2 -> multiple parition

Thank you again for all of your insight.