On Sat, Aug 03, 2013 at 04:47:12PM +0200, Milan Broz wrote: > On 08/03/2013 04:10 PM, Dragan Milivojević wrote: > >> Another option for reliably identifying the swap partition is to use > >> /dev/disk/by-id/<identifier> to identify the drive by model and serial > >> number. For example, my own swap partition is > >> > >> /dev/disk/by-id/scsi-SATA_ST95005620AS_5YX1NEGE-part5 > >> > >> That should be safe unless I re-purpose that drive and forget to update > >> /etc/crypttab. > > > > I would suggest using UUID. It works in all cases (partition, raid, > > lvm member etc). > > My crypttab (encrypted swap/home): > > > > luks-4dc17e23-e895-4e4b-8061-114fb33c310b > > UUID=4dc17e23-e895-4e4b-8061-114fb33c310b none > > luks-46969c48-ab1f-4bd7-bc2a-ae7c1bc86b26 > > UUID=46969c48-ab1f-4bd7-bc2a-ae7c1bc86b26 none > > > > This was generated by fedora install. > > Sure, this is the best way if you use LUKS and Fedora installer > is using LUKS even for swap. Which is not a general solution as that means a) Suddenly all yout secret stuff in swap survices reboots b) Swap needs a passphrase to be unlocked! In the general case you want neither of these to happen. > For plain crypt (or Truecrypt) you have no UUID, so you cannot use it. > (You can use uuid/wwid of underlying device as mentioned above > but this is not be present always.) Indeed. I tried both when I wrote the entry, only to find that neither worked on my system (Debain with custom kernel). As this is not a distrioution specific FAQ (there are those) distribution specific stuff shopuld not go into it. Of course documentation for a specific distribution can contain specific advice that is not general, and some people have already asked me about such things, also with regard to encrypted swap. Arno > Milan > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
