Using LUKS and uswsusp on Debian

by Helmut Grohne

This document describes a method to set up a Debian Etch (or possibly Lenny) system for suspending to a LUKS-encrypted swap partition using uswsusp.

Although I tested these instructions on two machines, they may still contain errors. Backing up your system before doing the following steps is therefore a good idea. (Yes, you can destroy an ext3 filesystem using uswsusp. Been there, done that.) In any case, feedback is welcome. Feel free to mail to helmut@subdivi.de, but do not mail devnull@subdivi.de.

In order to use these instructions you need a kernel supporting initramfs and uswsusp. Furthermore, the packages initramfs-tools, cryptsetup, uswsusp and hibernate are needed. (Technically, hibernate is not a requirement.) It is also assumed that /dev/hda1 is a swap partition at least as large as your main memory.

Creating cryptoswap

First of all, we convert the swap partition to a cryptoswap partition. After running swapoff /dev/hda1 we can convert it using cryptsetup luksFormat /dev/hda1, which will require you to enter a password. The password is the weakest link in the security chain in this case. In order to make the cryptoswap partition known to the system, we'll modify /etc/crypttab to contain the line:

cswap	/dev/hda1	none	luks

You can now activate it using /etc/init.d/cryptdisks start. This will create a device /dev/mapper/cswap. Now the system needs to be told to use it as swap. Your /etc/fstab probably contains a line like:

/dev/hda1	none	swap	sw	0	0

/dev/hda1 needs to be replaced by /dev/mapper/cswap. After formatting the swap space using mkswap -v1 /dev/mapper/cswap, the encrypted swap space can be activated using swapon /dev/mapper/cswap. At this point the modification can be tested by rebooting the system. After rebooting, /dev/mapper/cswap should automatically be used as the swap device.

Activating cswap in initramfs

So far your crypto disks are activated only after init has been started, which is too late for resuming from a suspend-to-disk image. Therefore the activation needs to happen in the initramfs, which has to be modified accordingly. This is done by creating a file /etc/initramfs-tools/conf.d/cryptroot containing the following line:

target=cswap,source=/dev/hda1,key=none

As you don't want to modify it twice, you should also create the file /etc/initramfs-tools/conf.d/resume containing the following line:

RESUME=/dev/mapper/cswap

After these changes your initramfs needs to be updated using update-initramfs -u. You can and probably should test your setup by rebooting your machine. Your cswap device should now be set up before init is executed. If this is not the case, do not proceed with the next step.

Suspending the machine

Now uswsusp needs to be configured by setting the resume device in /etc/uswsusp.conf to /dev/mapper/cswap. As the initramfs was already set up to resume from /dev/mapper/cswap in the previous step, it does not have to be modified again. After doing so, you can use either hibernate or s2disk to suspend your machine. Using a wrapper like hibernate is recommended, because it removes certain suspend-incapable kernel modules and does other useful stuff.
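
The steps above touch five files that all have to agree on the same mapping name and source device. The following consistency check is an added example, not part of the original instructions; the function names and the ROOT prefix are hypothetical, and the sample tree is constructed to mirror the state the article ends up with.

```sh
#!/bin/sh
# Added example, not from the original article. ROOT is a hypothetical prefix
# so the check can run against a copy of /etc; pass "" for the live system.

# has_line FILE REGEX: true if FILE has a non-comment line matching REGEX.
has_line() {
    [ -r "$1" ] && grep -v '^[[:space:]]*#' "$1" | grep -Eq "$2"
}

# check_cswap ROOT NAME SOURCE: print each failed check, return their count.
check_cswap() {
    etc="$1/etc"; name=$2; src=$3; map="/dev/mapper/$2"; fails=0
    s='[[:space:]]+'
    has_line "$etc/crypttab" "^${name}${s}${src}${s}none${s}luks" ||
        { echo "crypttab: no luks entry $name -> $src"; fails=$((fails + 1)); }
    has_line "$etc/fstab" "^${map}${s}[^[:space:]]+${s}swap" ||
        { echo "fstab: swap is not on $map"; fails=$((fails + 1)); }
    # The raw partition must no longer be listed as swap.
    if has_line "$etc/fstab" "^${src}${s}[^[:space:]]+${s}swap"; then
        echo "fstab: $src is still listed as swap"; fails=$((fails + 1))
    fi
    # Unlocking has to be configured for the initramfs, before the resume attempt.
    has_line "$etc/initramfs-tools/conf.d/cryptroot" \
        "^target=${name},source=${src},key=none" ||
        { echo "cryptroot: initramfs will not unlock $name"; fails=$((fails + 1)); }
    has_line "$etc/initramfs-tools/conf.d/resume" "^RESUME=${map}[[:space:]]*\$" ||
        { echo "resume: RESUME is not $map"; fails=$((fails + 1)); }
    has_line "$etc/uswsusp.conf" \
        "^resume device[[:space:]]*=[[:space:]]*${map}[[:space:]]*\$" ||
        { echo "uswsusp.conf: resume device is not $map"; fails=$((fails + 1)); }
    return "$fails"
}

# make_sample DIR: constructed copy of the files as the article leaves them.
make_sample() {
    c="$1/etc/initramfs-tools/conf.d"
    mkdir -p "$c"
    printf 'cswap\t/dev/hda1\tnone\tluks\n' > "$1/etc/crypttab"
    printf '/dev/mapper/cswap\tnone\tswap\tsw\t0\t0\n' > "$1/etc/fstab"
    echo 'target=cswap,source=/dev/hda1,key=none' > "$c/cryptroot"
    echo 'RESUME=/dev/mapper/cswap' > "$c/resume"
    echo 'resume device = /dev/mapper/cswap' > "$1/etc/uswsusp.conf"
}

# Usage: script NAME SOURCE [ROOT], e.g. "cswap /dev/hda1" for the live system.
if [ "$#" -ge 2 ]; then check_cswap "${3:-}" "$1" "$2"; fi
```

The exit status is the number of failed checks, so 0 means all five files agree.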

Further security advice

On Debian the initramfs will only ask a few times for a password and will then offer to boot the machine without resuming. I consider this a bad idea as it is easier to just append noresume to the kernel command line (given that you know the password for your boot loader). There is an easy workaround for this issue which can be done by removing the line

		count=$(( $count + 1 ))

from /usr/share/initramfs-tools/scripts/local-top/cryptroot. This keeps the number of tries from being incremented, so an infinite number of tries is allowed. By doing so, an attacker needs to externally modify the hard disk to boot the machine. Please note that this change will be undone when the package cryptsetup, which contains the modified file, is upgraded.