Mailinglist Archive: opensuse-security (46 mails)
| < Previous | Next > |
Re: [opensuse-security] re-attaching luks encrypted partition without need of re-entering passphrase
- From: Susan Dittmar <SDittmar@xxxxxxxxx>
- Date: Thu, 14 Oct 2010 09:15:30 +0200
- Message-id: <20101014071530.GA2831@xxxxxxxxx>
Dear Carlos,
Quoting Carlos E. R. (robin.listas@xxxxxxxxxxxxxx):
Last night I tested another setup using YaST to set up the encrypted
partitions. Now I understand why you wrote I would have to type the
password for every partition -- with YaST's setup, I have to. I did just
two reboots, and already I hate myself for having chosen a long passphrase.
On the other hand, I *want* a long passphrase! So it's either provide for
an additional key as proposed by Christian Boltz or find out how to
activate the 'try reusing key before asking for a new one' I had before for
the YaST-generated setup.
Christian Boltz' idea would also solve my main problem: automatically
re-mounting the encrypted suspend-to-disk swap partition during suspend. On
the other hand it would mean having passwords on the root partition, which
I would like to avoid.
Stefan, I will read more about uswsusp too. I'm sure I can learn
interesting things from that too, and maybe I'll use it.
Thanks again for the input,
Susan Dittmar
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx
Quoting Carlos E. R. (robin.listas@xxxxxxxxxxxxxx):
Using that method, however, during boot the system would ask for the
passphrase twice or more: once for the root system (another for /home, if
used), and another for swap ?ยน?.
Last night I tested another setup using YaST to set up the encrypted
partitions. Now I understand why you wrote I would have to type the
password for every partition -- with YaST's setup, I have to. I did just
two reboots, and already I hate myself for having chosen a long passphrase.
On the other hand, I *want* a long passphrase! So it's either provide for
an additional key as proposed by Christian Boltz or find out how to
activate the 'try reusing key before asking for a new one' I had before for
the YaST-generated setup.
Christian Boltz' idea would also solve my main problem: automatically
re-mounting the encrypted suspend-to-disk swap partition during suspend. On
the other hand it would mean having passwords on the root partition, which
I would like to avoid.
Stefan, I will read more about uswsusp too. I'm sure I can learn
interesting things from that too, and maybe I'll use it.
Thanks again for the input,
Susan Dittmar
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx
| < Previous | Next > |