It is possible. I have it set up like that on my laptop. Apart from a small /boot partition. The whole drive is encrypted. Decryption keys are stored encrypted in the initramfs, which is embedded in the kernel.
-- Joost On May 25, 2017 12:40:12 AM GMT+02:00, Rich Freeman <ri...@gentoo.org> wrote: >On Wed, May 24, 2017 at 2:16 PM, Andrew Savchenko <birc...@gentoo.org> >wrote: >> >> Apparently it is pointless to encrypt swap if unencrypted >> hibernation image is used, because all memory is accessible through >> that image (and even if it is deleted later, it can be restored >> from hdd and in some cases from ssd). >> > >Yeah, that was my main concern with an approach like that. I imagine >you could use a non-random key and enter it on each boot and restore >from the encrypted swap, though I haven't actually used hibernation on >linux so I'd have to look into how to make that work. I imagine with >an initramfs it should be possible. > >-- >Rich -- Sent from my Android device with K-9 Mail. Please excuse my brevity.