1 |
On Tue, 18 Mar 2008 17:56:30 +0100, Florian Philipp wrote: |
2 |
|
3 |
> Third idea: Using a dedicated volume for storing the plaintext key. |
4 |
> Cumbersome, doesn't reduce the risk that srm isn't enough to protect the |
5 |
> key. |
6 |
|
7 |
You could use an encrypted volume to store the key. Your init script asks |
8 |
for the key for that volume, then all other volumes use key(s) stored on |
9 |
that volume. I do this, but have no idea how it will work with suspend. |
10 |
|
11 |
|
12 |
-- |
13 |
Neil Bothwick |
14 |
|
15 |
Light travels faster than sound. This is why some people appear bright |
16 |
until you hear them speak. |