Hibernation and secret keys
kloecker at kde.org
Thu Feb 12 00:21:42 CET 2009
On Wednesday 11 February 2009, David Shaw wrote:
> On Wed, Feb 11, 2009 at 10:37:43PM +0100, Ingo Kl?cker wrote:
> > On Wednesday 11 February 2009, David Shaw wrote:
> > > On Wed, Feb 11, 2009 at 12:59:48PM +0100, Christoph Anton
> > > Mitterer
> > wrote:
> > > > A good workaround is to use disk encryption (dm-crypt or
> > > > similar things).
> > >
> > > Encrypted disks don't help without serious OS support around
> > > suspend.
> > Obviously.
> > > Your machine suspends, and writes a snapshot of its memory to
> > > disk. Sure, let's say it's even encrypted. When you wake the
> > > machine, is the encrypted disk still mounted?
> > Obviously not.
> > Usually your messages are very helpful. Unfortunately, this
> > particular message is the exact opposite. Googling for "encryption
> > suspend to disk linux" I found many websites explaining how this
> > works with most common distributions (mostly out-of-the box, i.e.
> > without compiling a kernel).
> Clearly you missed the point.
I don't think so. :-)
> I've seen various cookbook sites on
> how to do this, and some of them get it dramatically wrong. Hence
> the question: "When you wake the machine, is the encrypted disk still
In this context your question makes sense. Without the context it
sounded like a rhetorical question to me.
> If the answer is "Yes", then you're not protecting very much. You
> did not succeed in doing what you were trying to do. If the answer
> is "No", you at least avoided the usual pitfalls.
I missed this last sentence in the message I replied to.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users