[arch-general] Full system encryption with support for hibernation

[Karol Babioch]

Hi,

I've recently set up full encryption of my system (including swap), but
therefore lost the possibility to suspend my device to disk (hibernate).

The only way mentioned in the wiki is highly not recommended as you
would have to place your key on the unencrypted boot partition, which
basically conflicts the idea of full encryption (see
http://wiki.archlinux.org/index.php/System_Encryption_with_LUKS_for_dm-crypt#Encrypted_swap_with_suspend-to-disk_support).

By looking for some solution, the only thing I could figure out was to
set up lvm, and encrypting the whole lvm partition, which would include
the swap. This way all of my stuff would get unlocked, including the
swap and therefore my system could resume from a former hibernation.

Before setting this up (which will cost some time, as I have to back up,
configure and restore my stuff) I wanted to ask you, whether this will
work as supposed, and if there may be any better solutions?

How do you get both hibernation and full encryption working together?

-- 
Best regards,
Karol Babioch <karol at babioch.de>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20091025/e51a25b0/attachment.bin>