[dm-crypt] identifying vanilla GPT partitions for encryption

Sven Eschenberg sven at whgl.uni-frankfurt.de
Fri Oct 3 01:34:49 CEST 2014

As a matter of fact mount(and friends) can use any key/value pair
supported by libblkid. In fact this includes Filesystem label, filesystem
UUID, GPT partition label and GPT partition UUID. (LABEL/UUID for fs,



On Thu, October 2, 2014 21:56, Arno Wagner wrote:
> and it claims that the GPT partition IDs can be used in fstab.
> I cannot test anything with GPT, I just returned my only GPT
> disk to MBR (ex. win8 netbook), because GPT and UEFI just is
> too much hassle at this time and I do not use windows on that
> device anyways.
> Arno
> On Thu, Oct 02, 2014 at 21:05:27 CEST, Boylan, Ross wrote:
>> [Note this does not concern coming up with a unique code to identify
>> encrypted partition as a type, the subject of a January thread.]
>> In brief, can GPT partition UUIDs be used to identify partitions that
>> will
>> be the base for encrypted swap (i.e., no LUKS)?
>> Background:
>> My crypttab included
>> # sda2 appears to lack a UUID
>> sda2_crypt /dev/sda2 /dev/urandom
>> cipher=aes-cbc-essiv:sha256,size=256,swap
>> sdb2_crypt UUID=d0b3bdf0-8711-4780-a31f-2f296c1fea00 /dev/urandom
>> cipher=aes-cbc-essiv:sha256,size=256,swap
>> I added and moved around disks and this led to the wrong sda2 being used
>> (a possibility mentioned in the FAQ).  The UUID given for sdb2 does not
>> exist, so that device was not created.
>> The disks are GPT format, and each GPT partition has a UUID
>> (http://en.wikipedia.org/wiki/GUID_Partition_Table#Features).  Is it
>> possible to use that?
>> Since the partitions are swap they do not have a LUKS header to identify
>> them.  The FAQ suggests some work-arounds, but they are a bit awkward
>> and
>> seem likely to have some performance penalty.  Also, my md device
>> numbers
>> have not been stable through my recent work, which involved alternating
>> between old and new version of mdadm and creating new md devices.
>> blkid does not report a UUID for the raw partitions, and parted does not
>> print one out either.  So I'm a bit baffled how to find it, and also
>> have
>> doubts that dm-crypt (or whatever handles crypttab) would be able to use
>> the ids even if I found them.
>> Thanks.
>> Ross Boylan
>> _______________________________________________
>> dm-crypt mailing list
>> dm-crypt at saout.de
>> http://www.saout.de/mailman/listinfo/dm-crypt
> --
> Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
> GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D
> 9718
> ----
> A good decision is based on knowledge and not on numbers. -- Plato
> If it's in the news, don't worry about it.  The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

More information about the dm-crypt mailing list