On Tue, Aug 5, 2008 at 12:21 PM, Mike C <mike.cloaked@xxxxxxxxx> wrote: > I have a machine with f9 clean installed and encrypted /, encrypted swap > and encrypted /opt partitions. > > Of course during boot you are asked for the luks passphrase for all three > partitions. > > ... > > I would like to to the same with the swap partition - but if I make a > second keyfile in /root and refer to it on the swap partition line in > /etc/crypttab in the same way as for /opt then it ignores this during boot and > asks the user for the luks passphrase for the swap partition after asking for > the passphrase for the root partition. The / and primary swap partitions (or logical volumes) are handled a bit differently than say /opt. They are mounted very early in the boot process, and in fact are handled by the initrd's nash scripts. If you change the LUKS options for these, you'll need to rebuild the initrd (see mkinitrd) as well. Or, you could just wait until the next kernel update and it will correct things for you. I'd use /dev/urandom for swap; unless it's a laptop and you'll be doing suspend-to-ram (which I've heard could have LUKS issues). -- Deron Meranda -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list