Hey magical linux-oracle,
I recently made a full disk encryption on my computer via the debian installer.
I partitioned it like this:
SSD:
– unencrypted part –
Boot - 1GB space, mounting point: /boot
EFI - 512MB space, mounting point: ESP, bootable flag: on
– encrypted part –
Encrypted container with a volume group (vg-1) containing 3 logical volumes:
Root - 50GB space, mounting point: /
Swap - 30GB space, mounting point: swap
Home - Rest of space, mounting point: /home
& Second harddrive fully encrypted with one logical volume and mounting point /mnt/data
The install of linux worked pretty well.
Unfortunately, the hibernation part doesn’t work out of the box. When I press hibernate (or standby), it only goes to the lock screen. How can I solve that issue? (Is it even a good idea to use hibernation on encrypted devices?)
Second thing: As you can see from my setup, I use 2 disks. When I start up my system, I only need to enter my decryption password once (not twice for the 2nd HD) and I see, that my second hard disk seems to be mounted already. It seems that people usually struggle with typing in their passwords twice and want a solution for that. Is it possible, that debian automatically fixed this for me (It’s the same pw for both)?
Thanks!
~sp3ctre
I have this working on Debian like how you have it set up, everything on an encrypted lvm volume, except for boot and efi. Just one disk though. When waking up, it asks for the password like it does during normal bootup. It then restores RAM from the encrypted swap after you type the password. I think it worked out of the box, but it has been a while, so not 100% sure if I had to enable this somehow. Anyway this looks good to me.
If you manually run
systemctl hibernate, does that work? Assuming this also does not work, you need to look at the logs during the failed hibernate attempt. Probably something likesudo journalctl -fand/orsudo dmesg -wH(for kernel logs). Open this up in two terminals, runsystemctl hibernateand observe any errors or warnings.It’s possible this is a hardware/driver issue, i.e. a driver prevents hibernation or fails at it. You may be able to figure out which driver/device is responsible by looking at the logs.