> On 17 May 2015, at 02:19, dan mclaughlin <thev...@openmailbox.org> wrote: > > On Sun, 17 May 2015 00:20:52 +0200 Fredrik Alm <f...@fredrikalm.com> wrote: >> I’ve seen a few “whole disk encryption” >> tutorials which puts the swap outside of the partition used for the softraid >> encryption, since openbsd already encrypts the swap partition anyway. I >> assume that by putting the swap inside the encrypted partition, there will >> be performance penalties because encryption is done twice? could someone >> shed a little light on this issue? >> > > where did you see those tutorials? i attempted this some months ago (6-7) and > it was not possible to have swap outside of the softraid. i forget what the > exact problem was (i should have taken better notes...). i believe the > system wouldn't boot properly, and i think it was because the swap partition > was on a different device. > > in the end i found it easier to just leave it all in the softraid for other > reasons in addition to that issue. as to swap encryption, i disabled it. no > need to encrypt twice.
this is one of the tutorials: http://www.bsdnow.tv/tutorials/fde I found that when the swap was on a different disk (sd0b instead of sd1b, with the rest of the encrypted stuff on the softraid disk) the swap had to be added manually to the fstab and even then it was defaulted to /dev/sdb1 (which didn’t exist) for coredumps. I assume this is why ZZZ exited with a kernel error instead of hibernating when I tried this disklayout. When I just put everything including the swap on the softraid it worked like normal. I’ll just try turning the swap encryption off then, seems easier than reconfiguring the kernel to use sd0b as a dump device.
