Mike wrote:
Mike C <mike.cloaked <at> gmail.com> writes:
The /etc/crypttab line has
luks-sda6 /dev/sda6 /root/keyfileswap
where /root/keyfileswap has been added as another key to the swap partition
using cryptsetup lukesAddKey
Seems this is in bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=448665
Is this a bug or a feature?
Either way it is annoying.
As for the proposed fix, what if you don’t use crypttab?
And what if you don’t use /dev/urandom?
I have used a heavily modified rc.sysinit for the last several versions
of Fedora calling a custom script to mount 5 LUKS partitions.
mkinitrd in F9 now breaks everything.
My solution ( work around ) has been to turn swap off and un-mapp the
swap partition just before I do a kernel install. This way mkinitrd
does not see it. Upon reboot it gets mounted through my scripts and
fstab ( in your case crypttab )
There is also an option during install to use a global LUKS passphrase.
Would that have been a solution for you ( Mike C. ) for your test box?
Anyone know how and where Fedora stores that passphrase for use? Is it
a security issue?
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
