Your message dated Wed, 6 Feb 2008 18:04:30 +0100
with message-id <[EMAIL PROTECTED]>
and subject line closing because of inactivity
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: cryptsetup
Version: 2:1.0.4+svn29-1
Severity: wishlist
(a similar mail already went to [EMAIL PROTECTED])
I tried to use luks to encrypt swapspace for uswsusp, because this will
also encrypt normal swapping activity and not only hibernation. After
reading and experimenting with cryptsetup's initramfs hooks I found some
things:
The initramfs tries to limit the rate at which passwords can be entered
by invoking sleep 3 on failures. I generally appreciate this behaviour,
but in this case it would be cool if there was an easy way to disable
this feature (easy means not editing files under /usr).
In contrast to this high security the initramfs proposes normal booting
after several password failures. I don't see any advantage in this
behaviour. Assuming the user doesn't use cryptoroot this leads to an
easier way to get a running system as an attacker. If one really does
not want to resume there is an easier way than pressing enter all the
time: append noresume to kernel command line. This also has the
advantage, that a boot loader can be configured not to accept these
modifications without a password. I therefore suggest asking for
passwords until it is valid or a configurable behaviour.
Otherwise uswsusp seems to work great with cryptsetup and luks (i.e.
roughly out of the box with some googling, documentation would be
great[1]).
Greetings
Helmut
[1] I filled in a bit of the documentation gap:
http://subdivi.de/~helmut/luks-uswsusp.html
--- End Message ---
--- Begin Message ---
Hello,
This mail closes bug #430158 as the original submitter never replied to
any questions regaring it, and it doesn't really describe a bug.
greetings,
jonas
--- End Message ---
