Curt (2018-02-01): > Unfortunately my crypttab (which I've never touched or looked at) > reveals the following: > > # <target name> <source device> <key file> <options> > cryptswap1 /dev/sda5 /dev/urandom swap,cipher=aes-cbc-essiv:sha256 > > Which is dangerous because that dev/sda5 gets wiped out at every > (re)boot. The danger is quite exaggerated, but better eliminate it altogether if convenient. > curty@einstein:~/tips$ find -L /dev/disk -samefile /dev/sda5 > /dev/disk/by-partuuid/00065379-05 > /dev/disk/by-path/pci-0000:00:11.0-ata-1-part5 > /dev/disk/by-id/wwn-0x50014ee2b0b1534b-part5 > /dev/disk/by-id/ata-WDC_WD15EARS-22MVWB0_WD-WCAZA8328525-part5 > > I probably should change my crypttab (as a sane precaution) to: > > swap /dev/disk/by-id//dev/disk/by-id/ata-WDC_WD15EARS-22MVWB0_WD-WCAZA8328525-part5 > /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 That would probably work. "PARTUUID=00065379-05" would probably too. > Still, I'm uncertain what goes into /etc/fstab. > > /dev/mapper/swap none swap sw 0 0 > > ? Indeed, /dev/mapper/swap, since your swap device is named like that in crypttab. Although I personally prefer a more explicit name. Regards, -- Nicolas George
Attachment:
signature.asc
Description: Digital signature