From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tP1X6Q_EU5zZ for ; Thu, 10 May 2012 21:50:33 +0200 (CEST) Received: from mail-qc0-f178.google.com (mail-qc0-f178.google.com [209.85.216.178]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Thu, 10 May 2012 21:50:33 +0200 (CEST) Received: by qcse1 with SMTP id e1so1844853qcs.37 for ; Thu, 10 May 2012 12:50:32 -0700 (PDT) Message-ID: <4FAC1C06.5090109@gmail.com> Date: Thu, 10 May 2012 12:50:30 -0700 From: Konstantin Svist MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Subject: [dm-crypt] Encrypting swap List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de Hi, I'm setting up Fedora 16 i686 with [luks] encrypted root on a laptop. Problem is, I can't seem to find a way to encrypt the swap so that it would be usable for hibernation. * Simple setup for encrypting swap uses a random key generated on each boot, so resuming doesn't work. * Using the same key for swap & root is not recommended because some tool caches the password, making the whole thing meaningless [1] * Using a swap file doesn't work because btrfs is Copy-On-Write, so the filesystem may get messed up by hibernate/resume process. I'm not sure if the "same key" problem exists in Fedora 16, I've tried setting it up this way and I'm able to boot but not resume. Any help appreciated! [1] https://wiki.archlinux.org/index.php/Talk:System_Encryption_with_LUKS_for_dm-crypt#Suspend_to_disk_instructions_are_insecure