[Bug 91867] Re: [PATCH] allow resume from LUKS encrypted swap partition
Wladimir Palant
91867 at bugs.launchpad.net
Tue May 30 15:04:00 UTC 2017
By now (definitely xenial and above), this functionality has been
implemented via the cryptsetup package. It will take care of unlocking
resume devices so that one can simply use "resume=/dev/mapper/foo" for
the parameter.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/91867
Title:
[PATCH] allow resume from LUKS encrypted swap partition
Status in initramfs-tools package in Ubuntu:
Incomplete
Bug description:
Binary package hint: initramfs-tools
The attached patch allows to suspend and resume to a LUKS encrypted
swap partition. This means that all data (including passwords) that
would otherwise be written to disk in plain text will be encrypted.
To make use of the patch, you must
* create a LUKS encrypted partition
* activate the device with cryptsetup luksOpen
* run mkswap on it and enter it in fstab as swap
* change your kernel's resume=* line to
resume=LUKS=/name/of/harddiskpartition:devicemapper name (actual process depends on the bootloader used)
For example resume=LUKS=/dev/hda3:cryptswap
* then run update-initramfs to build a new initramfs.
You will then be asked to provide the password for the swap partition
upon boot and the script will try to resume from it. If it can't find
swsuspend signatures, boot will continue. The script will also
automatically setup correct suspend device for swsuspend.
I have extensively tested this on Feisty.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/91867/+subscriptions
More information about the foundations-bugs
mailing list