https://bugzilla.novell.com/show_bug.cgi?id=397411 User seife@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=397411#c12 Stefan Seyfried <seife@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED --- Comment #12 from Stefan Seyfried <seife@novell.com> 2008-06-09 08:05:21 MDT --- (In reply to comment #11 from Peter Keenig)
Second, no my remark is, that IF I encrypt root and home (as offered by the installer now,
Actually i was not able to install an encrypted root with YaST. I tried the installation from the Live-CD.
So it's more like "option to encrypt root/home breaks hibernation functionality" (since I can only hibernate to root, correct?).
No. It should work perfectly fine with encrypted root/home, as long as swap is not encrypted.
That swap itself should be encrypted as well would probably be more an "additional feature request". But if hibernation would work on encrypted partitions, the hibernation file itself would already be encrypted and thus not be able to leak information.
The normal setup does not use a "hibernation file". It uses the swap partition.
I'm not 100% sure but I think Fedora 9 somehow solved the problem of hibernating to an encrypted partition, at least the corresponding bug report has been closed: https://bugzilla.redhat.com/show_bug.cgi?id=247794
Yes, Fedora apparently handles encrypted swap partitions differently and activates them from initrd before mounting the rootfs. However, i am not sure if it is worth the effort, since we can do encrypted suspend just fine (i will think about implementing an additional "suspend partition" that is only used for suspend, so that the "normal" swap partition can still be encrypted. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.