You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2006-10-16 01:08:56
- tuxman
- Member
- From: Ensenada Mexico
- Registered: 2005-08-12
- Posts: 51
encrypted swap
can anyone point me to a good howto about how to encrypt the swap partition using dm_crypt on archlinux 7.2?
thanks
tuxman
Offline
#2 2006-10-16 01:12:10
- tuxman
- Member
- From: Ensenada Mexico
- Registered: 2005-08-12
- Posts: 51
Re: encrypted swap
well I think I'll try this link... LOL
thanks
tuxman
Offline
#3 2006-10-16 06:51:49
- tuxman
- Member
- From: Ensenada Mexico
- Registered: 2005-08-12
- Posts: 51
Re: encrypted swap
hi,
I've tried the commands suggested in the wiki,
http://wiki.archlinux.org/index.php/Using_DM-Crypt
but I get an error
after I did
#modprobe dm_crypt
#cryptsetup -c aes -s 64 -d /dev/urandom create swap0 /dev/hda4 (my swap partition)
Command failed: device-mapper: reload ioctl failed: invalid argument
also, I added dm_crypt and aes to the MODULE= section of the mkinitcpio-kernel26.conf and created the image.
However, when i check the loeaded modules with lsmod, they are not there anf I have to load them with modprobe.
How would I go about to have those modules loaded at boot?
thanks
tuxman
Offline
#4 2006-10-16 09:09:31
- onearm
- Member
- From: Anywhere but here
- Registered: 2006-07-06
- Posts: 359
- Website
Re: encrypted swap
also, I added dm_crypt and aes to the MODULE= section of the mkinitcpio-kernel26.conf and created the image.
However, when i check the loeaded modules with lsmod, they are not there anf I have to load them with modprobe.
How would I go about to have those modules loaded at boot?
You can add them to the MODULES= section of rc.conf like
MODULES=(aes dm_crypt)To get something done, a committee should consist of no more than three persons, two of them absent.
--
My Github
Offline
#5 2006-10-16 22:05:52
- mr.MikyMaus
- Member
- From: disabled
- Registered: 2006-03-31
- Posts: 285
Re: encrypted swap
this is interesting.. May I ask why do you want your swap encrypted?
-Miky.
What happened to Arch's KISS? systemd sure is stupid but I must have missed the simple part ...
... and who is general Failure and why is he reading my harddisk?
Offline
#6 2006-10-16 22:44:30
- tuxman
- Member
- From: Ensenada Mexico
- Registered: 2005-08-12
- Posts: 51
Re: encrypted swap
well alot of sensitive stuff end up in the swap partition unencrypted, for instance passwords and other datas you might usually keep in an encrypted container.
If you want to try it on arch 7.2, check my other post.
thanks
tuxman
Offline
#7 2006-10-16 23:18:20
- mr.MikyMaus
- Member
- From: disabled
- Registered: 2006-03-31
- Posts: 285
Re: encrypted swap
well alot of sensitive stuff end up in the swap partition unencrypted, for instance passwords and other datas you might usually keep in an encrypted container.
You've got point 
I never thought about it this way... I see it can make sense on some server or some need-to-be-protected workstation...
But does it make sense on computers where swap is nearly untouched?
Heh, answered myself:) Yes, it does make sense, for example when using suspend-to-disk...
So, my conclusion: Encrypting swap partition(s) makes sense when you need to be sure noone can get any sensitive data from system. I don't think I need it right now, but I may try it sometimes, just out of curiosity. It may become useful once 
-M.
What happened to Arch's KISS? systemd sure is stupid but I must have missed the simple part ...
... and who is general Failure and why is he reading my harddisk?
Offline
Pages: 1