[dm-crypt] encrypted SWAP FAQ item

Jonas Meurer jonas at freesources.org
Thu Jul 11 11:24:22 CEST 2013


Heya,

Am 11.07.2013 08:53, schrieb Arno Wagner:
> Dear all,
> 
> I just have added a mini-HOWOT on how to set up encrypted swap
> in FAQ item 2.2:
> http://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions
> 
> Proofreading and suggestions welcome. 

Good idea to add it to the FAQ. Thanks for maintaining this very
valuable piece of documentation.

But maybe you should more emphasize the fact that /etc/crypttab
implementations are distro-specific. While I know for sure that options
like swap and noearly are supported in Debian-based distributions, I'm
not sure about Redhat-based ones. Last time I looked, only a small
subset of crypttab options that we've implemented in Debian were
supported on Redhat-based systems.

Additionally, the following sentence looks wrong to me:

"Note: use /dev/random if you are paranoid or in a potential low-entropy
situation (embedded system, etc.).".

Mainly in low-entropy situations /dev/random would cause the boot
process to hang, right? So for these setups /dev/urandom actually is the
better solution. Granted that one isn't paranoid ;)

Kind regards,
 jonas



More information about the dm-crypt mailing list