Mailinglist Archive: opensuse (2430 mails)
| < Previous | Next > |
Re: [opensuse] enrypted swap without password?
- From: Hans Witvliet <hwit@xxxxxxxxxxx>
- Date: Thu, 24 Apr 2008 22:48:07 +0200
- Message-id: <1209070087.8334.3.camel@xxxxxxxxxxxxxx>
On Thu, 2008-04-24 at 22:24 +0200, Jan Engelhardt wrote:
Looks great!
Only one thing is missing: smartcard/token support for protecting keys
I though it that was not possible until i stumbled over this page:
http://wiki.tuxonice.net/EncryptedSwapAndRoot
It uses an extension to opensc.
Hans
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
On Thursday 2008-04-24 21:00, Jan Ritzerfeld wrote:
Am Donnerstag, 24. April 2008 schrieb Daniel Bauer:
I'd like to have an encrypted swap partition, but without asking me for a
password when booting.
I tried two different approaches:
- http://en.opensuse.org/Encrypted_Root_File_System_with_SUSE_HOWTO
did as described (in regard of swap), all worked fine, except that I
had to enter the password when booting. So "undid" what I did, and
[...]
You should use a random key. Go to the article's Talk-Page:
http://en.opensuse.org/Talk:Encrypted_Root_File_System_with_SUSE_HOWTO#Create_an_encrypted_swap_partition
However, there seems to be some problems with 10.3, thus, please read the
following sections of the above mentioned article and the bug report
mentioned there, too.
There is no problem in having auto-keyed encrypted swap in 10.3, I have
it on all partitions. Just set it up in /etc/crypttab:
swap1 /dev/disk/by-id/ata-fooobar-part1 /dev/urandom swap
Looks great!
Only one thing is missing: smartcard/token support for protecting keys
I though it that was not possible until i stumbled over this page:
http://wiki.tuxonice.net/EncryptedSwapAndRoot
It uses an extension to opensc.
Hans
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |