[jaunty] encrypted swap breaks (or slows a lot) the boot

I can confirm this. I have noticed that I can speed up the process by pressing a few times the return key.

This bug may be related to bug #366397

I can confirm this, too. It takes more than 5 minutes to start swap every time I boot. After this '* swap (starting)', other lines apppear that look like error messages but they disappear before I can read them. In which logfile can I find them? Perhaps they would provide more information.

I've finally found a solution for this problem.

All I did was changing '/dev/random' to '/dev/urandom' in the /etc/crypttab and now the swap works.

wrong configuration, no bug

This is the auto configuration of Ubuntu 8.10. Therefore it's a bug in Ubuntu. And I don't think it's a solution to use /dev/urandom, since this raises some other security questions.

Bug #362315 might be a duplicate of this one.

What do you mean wrong configuration? Configuration of what?

Before upgrading to Jaunty, /dev/random worked, so I don't see your point.

Hm, maybe I was a bit too eager and fast changing the status. What I meant was that /dev/random needs noise to generate random numbers:

"When the entropy pool is empty, reads from /dev/random will block until additional environmental noise is gathered." (from http://en.wikipedia.org/wiki//dev/random)

So it actually makes sense that you should use /dev/urandom for this task. Since we are "only" talking about encrypting a swap partition, I think this is safe enough. But please correct me on this, if I'm wrong.

/dev/urandom is NOT meant for encryption. The proper encryption of the swap partition is essential for a secured system. It is as important as data partitions. No offense, but I don't understand why you've closed this bug when you understand so little of encryption.

As I said above, I may have been to overenthusiastic closing this bug, and I apologize for that, but there is no need to accuse me of knowing little of encryption. Please don't get personal and keep this here on a professional level.

/dev/random and /dev/urandom are both random number generators, but /dev/urandom is only a _pseudo_ random number generator, its generated output is still hard to predict. If you are paranoid (and I can understand that, because I'm paranoid sometimes, too), then /dev/urandom is not secure enough for you, but for other people it may be sufficient.

Since /dev/random/ can run out of usable entropy, it is not a bug, but expected behavior that you have to press keys or move the mouse or whatsoever to generate new random numbers, which will speed up the boot process.

When encrypting the swap partition, /dev/urandom can be used to generate a random key file, so you still had to reconstruct the exact sequence that was generated at the moment of initializing the encrypted swap partition, which is very, very hard.

Some links about this topic:
https://help.ubuntu.com/community/EncryptedFilesystemHowto5
https://www.antagonism.org/privacy/encrypted-swap-linux.shtml

Buttom line:
I fully agree with you that using /dev/urandom raises security questions. As you can see, both tutorials prefer /dev/random, but they also states that this might require you to press some keys, which strengthens my positions that this is NOT a bug.

Btw: I found an earlier bug report and I think, this one here is a duplicate of Bug #223072