On 19/06/2006 Andrew Pimlott wrote:
> Automatically formatting a swap partition is a destructive operation, so
> all reasonable checks should be made before doing it. It is currently
> not possible to positively identify a swap partition encrypted with a
> random key; nor is it possible to negatively identify a partition as not
> encrypted (with some unknown key). This gives me two ideas:

at least we can be sure that devices with a known filesystem don't contain
encrypted data. so we can skip those.

> 1. Create a marking for partitions to be encrypted with a random key,
>    allowing for the positive identification above. Perhaps this should
>    be part of LUKS.

i see this more as a feature than as a bug. there may exist situations where
you don't want your device to be marked as 'contains encrypted data'.

> 2. If I use LUKS for all encrypted filesystems, I believe it is
>    possible to perform the negative identification above. That is, if
>    I don't see the LUKS header, and the partition does not have an
>    unencrypted volume, then it is safe to destroy. So let me promise
>    that I have no non-LUKS encrypted filesystems.

i'm not sure that i understand. you mean that all encrypted non-swap devices
should be LUKS devices? we should never expect that.

...
 jonas
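The check discussed in this thread, as an added example that is not part of the original message or of any cryptsetup code: a device is skipped when it carries a LUKS header or a known signature, and a device with no recognisable signature is offered for formatting only when the administrator has made the "no non-LUKS encrypted filesystems" promise from idea 2. The function names, the `all_encrypted_is_luks` flag, the 4 KiB page size and the short signature list (ext2/3/4 and Linux swap only) are assumptions of this sketch.

```python
import struct

PAGE_SIZE = 4096                              # assumption: 4 KiB pages
LUKS_MAGIC = b"LUKS\xba\xbe"                  # LUKS header magic at offset 0
SWAP_MAGICS = (b"SWAPSPACE2", b"SWAP-SPACE")  # last 10 bytes of the first page
EXT_MAGIC_OFFSET = 1024 + 56                  # s_magic in the ext2/3/4 superblock
EXT_MAGIC = 0xEF53


def classify(head: bytes) -> str:
    """Return 'luks', 'known' or 'unknown' for the first page of a device."""
    if len(head) < PAGE_SIZE:
        raise ValueError("need at least one page of data")
    if head.startswith(LUKS_MAGIC):
        return "luks"
    if head[PAGE_SIZE - 10:PAGE_SIZE] in SWAP_MAGICS:
        return "known"
    (magic,) = struct.unpack_from("<H", head, EXT_MAGIC_OFFSET)
    if magic == EXT_MAGIC:
        return "known"
    return "unknown"


def may_format_as_swap(head: bytes, all_encrypted_is_luks: bool = False) -> bool:
    """Decide whether a random-key swap setup may overwrite this device."""
    kind = classify(head)
    if kind in ("luks", "known"):
        return False          # positively identified content: skip the device
    # 'unknown' is indistinguishable from data encrypted with an unknown key,
    # so it is destroyed only under the explicit promise from idea 2.
    return all_encrypted_is_luks


def constructed_samples() -> dict:
    """Constructed first-page images for the cases above (not real dumps)."""
    luks = bytearray(PAGE_SIZE)
    luks[0:6] = LUKS_MAGIC
    ext = bytearray(PAGE_SIZE)
    struct.pack_into("<H", ext, EXT_MAGIC_OFFSET, EXT_MAGIC)
    swap = bytearray(PAGE_SIZE)
    swap[PAGE_SIZE - 10:] = b"SWAPSPACE2"
    unknown = bytes(range(256)) * 16          # no recognisable signature
    return {"luks": bytes(luks), "ext": bytes(ext),
            "swap": bytes(swap), "unknown": unknown}
```

A real implementation would ask a full signature database (for example blkid) rather than this short list, since every signature the check misses falls into the "unknown" bucket.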