Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#5837 - /etc/crypttab: Encrypted swap not working with random key (patch attached)
Attached to Project:
Arch Linux
Opened by Federico Quagliata (quaqo) - Wednesday, 15 November 2006, 16:52 GMT
Last edited by Thomas Bächler (brain0) - Sunday, 13 May 2007, 13:03 GMT
Opened by Federico Quagliata (quaqo) - Wednesday, 15 November 2006, 16:52 GMT
Last edited by Thomas Bächler (brain0) - Sunday, 13 May 2007, 13:03 GMT
|
DetailsUsing something like:
swap /dev/sda7 /dev/urandom -c aes-cbc-essiv:sha256 -h sha256 in /etc/crypttab doesn't work because /dev/mapper/swap turns out to be an invalid swap partition. I wrote a little patch to rc.sysinit that works on my sistem (vaguely inspired by the debian cryptosetup package). |
This task depends upon
Closed by Thomas Bächler (brain0)
Sunday, 13 May 2007, 13:03 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in the next version (to be released in an hour or so)
Use the SWAP keyword instead of a passphrase. This will use a random key and overwrite all data on the volume! Still dangerous though.
Sunday, 13 May 2007, 13:03 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in the next version (to be released in an hour or so)
Use the SWAP keyword instead of a passphrase. This will use a random key and overwrite all data on the volume! Still dangerous though.
Comment by Thomas Bächler (brain0) -
Sunday, 17 December 2006, 23:22 GMT
Your patch still looks dangerous, but I will definitely think about this some more.
Comment by Federico Quagliata (quaqo) -
Monday, 18 December 2006, 08:56 GMT
I've been using it for months without problems. Anyway... You say it's dangerous because it assumes that /dev/mapper/swap it's swap and erase everything on it?
rc.sysinit.crypto.patch