This is a solvable security issue, not something that users ought to just deal with. The solution is to dump the key from RAM on suspend and to NOT write it to disk on Hibernate, and to ask the user to unlock the disk on resume. Disk encryption is useless on machines that get suspended or hibernated without this solution. At the absolute least, there should be a massive, all-caps warning to users during installation that their disk is NOT PROTECTED if they suspend or hibernate. I believe this should be converted back into a bug and dealt with.
** Changed in: ubuntu Status: Invalid => Opinion -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/937361 Title: LUKS encryption keys are not dumped on suspend/hibernate To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/937361/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs