Re: [PLUG] Pros and cons of swap in a partition vs. in a file in the file system

[Matthew Rosewarne <mrosewarne@inoutbox.com>]

On Wednesday 19 December 2007, K.S. Bhaskar wrote:
> [KSB] I don't know any way to suspend to disk with an encrypted swap
> partition, because suspend to disk (Hibernate)recognizes that the swap
> space has a memory image in it and loads that memory image (simplified
> explanation).  If the swap space must have an encryption key entered
> before it can be booted, then you can no longer restore from swap.  So
> I only use suspend to RAM (Suspend).

Depending on how you've set it up, it's entirely possible to use suspend to 
disk with encrypted swap.

My preferred method is to make 2 partitions, a tiny one for the boot loader 
and a second for the rest of the disk.  You use the second partition for 
dm-crypt, and use the resulting encrypted volume for LVM.  You put the root 
and swap, along with any other "partitions", on the LVM.  When the system 
boots, the initramfs unlocks the encrypted partition, activates the LVs, and 
the kernel resumes (or boots normally) from there.

There are other methods to use encrypted swap, but that is definitely the 
simplest and easiest to work with.

Attachment: signature.asc
Description: This is a digitally signed message part.

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug