Marco Moock:
Am 22.02.2024 um 13:18:48 Uhr schrieb Frank Weißer:
I use to encrypt my swap and /var/tmp partitions during
installation.
That is LUKS.
the partition tool in debian installer offers me randomized keys
for that and has 'delete partition' set to 'yes', which costs lot
of time, not necessary on new hdd/ssd and - my opinion - on
randomized keys. I propose switching to 'no', when selecting
randomized keys.
Why? A user can rather easy select what he wants.
As I said: My opinion; if you miss setting 'no' you have to wait a lot
of time...
Further I can select ext2 or swap for partition format.
That is really strange. swap is only for the special-purpose swap
partition.
Yes, I choose it for the swap partition
I use ext2 for /var/tmp, but - in /etc/crypttab the marker 'tmp' is
missing for the /var/tmp partition
Which marker?
This one:
frank@pc:~$ cat /etc/crypttab
sda4_crypt /dev/sda4 /dev/urandom cipher=aes-xts-
plain64,size=256,swap,discard
sda5_crypt /dev/sda5 /dev/urandom cipher=aes-xts-
plain64,size=256,tmp,discard
^^^
crypttab is only for decrypting the partition and creating a device
file for the encrypted one.
- in /etc/fstab ext2 is set instead of ext4, that cryptsetup
defaults to. So on reboot I end up in emergency mode.
If you format it in ext2, choose that. Or was that an automatic
decision by the installer?
I only choose ext2 for formatting the encrypted partition, because
nothing else is offered. Despite that the partition in fact is getting
formatted ext4, so the entry ext2 in /etc/fstab leads into emergency mode.
I think the partitioning tool in installer should offer to format the
encrypted partition in ext4, as LUKS (?) does, instead of ext2 and must
write ext4 to /etc/fstab, as this is, how it ends up.
