Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Unlock encrypted swap wtih key file and hibernate

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
User avatar
Scorpion
Posts: 389
Joined: 2018-10-17 11:38
Has thanked: 5 times

Unlock encrypted swap wtih key file and hibernate

#1 Post by Scorpion »

I set a key file but I cannot hibernate.
Is there a way to hibernate with that?
Using a random key you shouldn't be able.

Is nowadays possible to use a swap file to hibernate? No more uswsusp now, I use Bullseye.
https://wiki.debian.org/Hibernation/Hib ... _Partition

Aki
Global Moderator
Global Moderator
Posts: 2823
Joined: 2014-07-20 18:12
Location: Europe
Has thanked: 69 times
Been thanked: 385 times

Re: Unlock encrypted swap wtih key file and hibernate

#2 Post by Aki »

Scorpion wrote: 2022-06-15 19:49 Is nowadays possible to use a swap file to hibernate?
Yes, of course. See https://wiki.debian.org/Suspend
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄⠀

User avatar
Scorpion
Posts: 389
Joined: 2018-10-17 11:38
Has thanked: 5 times

Re: Unlock encrypted swap wtih key file and hibernate

#3 Post by Scorpion »

Aki wrote: 2022-06-16 12:56 Yes, of course. See https://wiki.debian.org/Suspend
That wiki states to use `systemctl suspend` (or hibernate) of course I also tried that but I cannot when using a key file.
When running `update-initramfs -u`:

Code: Select all

cryptsetup: WARNING: Resume target cryptswap uses a key file

p.H
Global Moderator
Global Moderator
Posts: 3049
Joined: 2017-09-17 07:12
Has thanked: 5 times
Been thanked: 132 times

Re: Unlock encrypted swap wtih key file and hibernate

#4 Post by p.H »

Scorpion wrote: 2022-06-15 19:49 I set a key file but I cannot hibernate.
Please elaborate.
Where did you put the keyfile ?
What happens when you try to hibernate ?
Scorpion wrote: 2022-06-15 19:49 Using a random key you shouldn't be able.
Of course not. Actually you can hibernate, but you cannot resume because the random key is lost on shutdown.
Scorpion wrote: 2022-06-15 19:49 Is nowadays possible to use a swap file to hibernate?
Yes but it is awkward so I would not recommend it. Besides, what does it have to do with using a keyfile ?

User avatar
Scorpion
Posts: 389
Joined: 2018-10-17 11:38
Has thanked: 5 times

Re: Unlock encrypted swap wtih key file and hibernate

#5 Post by Scorpion »

I put the keyfile on /etc/<keyfile>, I set crypttab to use it and updated initramfs.
It works to unlock the partition but I cannot hibernate.

When I try to it turns off for a moment and then turns on immediately.

I need a key file since I am using osk-sdl to unlock LUKS so I cannot use the decrypt_keyctl script https://unix.stackexchange.com/question ... ks-at-boot.
Integrate the osk-sdl key script into the /lib/cryptsetup/scripts/decrypt_keyctl one seems the best solution.

osk-sdl key script:/usr/share/initramfs-tools/scripts/osk-sdl-keyscript.
I am using the osk-sdl_0.66-5mobian1_amd64.deb package to avoid a bug of the Debian version.

Can the decrypt_derived key script work for hibernation? If something happens it's just swap.

Post Reply