Re: Swap encryption (via LUKS) and Hibernation (disk suspend)
q9u3x4c02@sneakemail.com wrote:
> All this was done via the Debian installer, correct?
Yes.
> Also, you opted to have just one real partition, where everything is
> encrypted even /boot? So I take it you use a USB dongle to boot your
> system initially?
For both lvm and for encrypted filesystems /boot needs to be a normal
filesystem. The initrd will load all of the needed modules and so
needs to be accessible without those modules. Make it ext2. I made
mine just a little bit bigger than really required so that I could use
it as a "drop box" for things like the ipw2200 firmware blobs without
needing to mount the encrypted partition.
Also, if the installer tries to load lilo instead of grub then you
have tripped into a case where "something is wrong" (IMNHO, since I am
a convert to grub and no longer desire lilo). Start again and check
everything. When things are right the d-i will install grub.
> Or did you mean having /boot as normal and / as encrypted via LUKS then LVM2
> on top of /, with logical partitions within the LVM2. To put it visually:
> /boot (normal)
> /root (LUKS) -> LVM2 -> multiple parition
I should walk through the install procedure once on a test machine and
capture the process. But I am sure someone will have already done
that. Once you have been through it then it all makes sense. But the
first time through can be a little confusing.
hda1 /boot primary partition (ext2)
hda5_crypt encrypted partition (logical is my preference, but no matter)
vg0 lvm2 volume group
vg0-root logical partition, root of filesystem (�ext3 in my case)
vg0-swap logical partition, swap
Bob
Reply to: