On Fri, Aug 28, 2009 at 04:28:56PM +0200, Martin Milata wrote: > Using these commands, it should be possible to temporarily throw out the > encryption key without unmounting the filesystem or removing the > mapping. That would require support in cryptsetup, though. I added support for that to device mapper ages back. 1. suspend device 2. send message 'key wipe' later 1. send message 'key set <key>' 2. resume device Can be done from command line 'dmsetup' or from an application using direct libdevmapper library calls. Alasdair _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
