[dm-crypt] Cryptsetup FAQ montly pointer 8/13

Milan Broz gmazyland at gmail.com
Sat Aug 3 16:47:12 CEST 2013


On 08/03/2013 04:10 PM, Dragan Milivojević wrote:
>> Another option for reliably identifying the swap partition is to use
>> /dev/disk/by-id/<identifier> to identify the drive by model and serial
>> number.  For example, my own swap partition is
>>
>>     /dev/disk/by-id/scsi-SATA_ST95005620AS_5YX1NEGE-part5
>>
>> That should be safe unless I re-purpose that drive and forget to update
>> /etc/crypttab.
> 
> I would suggest using UUID. It works in all cases (partition, raid,
> lvm member etc).
> My crypttab (encrypted swap/home):
> 
> luks-4dc17e23-e895-4e4b-8061-114fb33c310b
> UUID=4dc17e23-e895-4e4b-8061-114fb33c310b none
> luks-46969c48-ab1f-4bd7-bc2a-ae7c1bc86b26
> UUID=46969c48-ab1f-4bd7-bc2a-ae7c1bc86b26 none
> 
> This was generated by fedora install.

Sure, this is the best way if you use LUKS and Fedora installer
is using LUKS even for swap.

For plain crypt (or Truecrypt) you have no UUID, so you cannot use it.
(You can use uuid/wwid of underlying device as mentioned above
but this is not be present always.)

Milan


More information about the dm-crypt mailing list