On 20.04.2010, Si St wrote: > To Heinz: Would not a pre-generated keyfile need to be opened by a passfrase? No, the keyfile itself is the "passphrase". I'm not talking about the master key here, what I mean is something like dd if=/dev/urandom of=keyfile bs=64 count=1 cryptsetup luksFormat /dev/sdx /path/to/keyfile You could now e.g. do something like swap /dev/sdx /path/to/keyfile swap in your crypttab, save the keyfile somewhere on the encrypted root partition and open the swapspace using a bootscript after your root partition has been mapped. You could then backup the keyfile in a safe place and use it to map the swap partition manually if desired (in the scenario you described). _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
