Milan Broz schrieb:
Changes since version 1.0.7 --------------------------- Important changes: ~~~~~~~~~~~~~~~~~~ * Adds luksSuspend (freeze device and wipe key) and luksResume (with provided passphrase). luksSuspend wipe encryption key in kernel memory and set device to suspend (blocking all IO) state. This option can be used for situations when you need temporary wipe encryption key (like suspend to RAM etc.) Please read man page for more information.
I have a LUKS volume as a physical volume for my LVM volume group, which contains all my filesystems (including /). I was wondering if the following might work:
- Copy a static cryptsetup binary to a tmpfs - cryptsetup luksSuspend - echo mem >/sys/power/state - cryptsetup luksResume It would be an awesome feature, as it would make suspending safer.
* Uses libgcrypt and enables all gcrypt hash algorithms for LUKS through -h luksFormat option. Please note that using different hash for LUKS header make device incompatible with old cryptsetup releases.
This looks interesting.
* Move command successful messages to verbose level.
Yay! I've applied a patch to cryptsetup for a while to make luksOpen quiet in case of success, this is much nicer in boot scripts. Thank you for this one.
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
