Re: Encrypted swap and partitions
OoO Pendant le repas du vendredi 15 août 2003, vers 19:18, Marc Singer
<elf@buici.com> disait:
>> Yes, it is possible. Use mcookie to build a password (or any other
>> tool), then instruct losetup to read the password from stdin (-p 0).
> I must defer to you on this since I cannot reproduce the reference.
> What I recall is that the key was generated on-the-fly by one of the
> kernel components.
To setup encrypted swap, you can do :
dd if=/dev/hda10 bs=1024 count=40 2>/dev/null | mcookie -f /dev/stdin | \
losetup -p 0 -e aes -k 128 /dev/loop0 /dev/hda10
(assuming that /dev/loop0 is free and /dev/hda10 is the swap)
mkswap /dev/loop0
swapon -p 0 /dev/loop0
The dd is used as a third "random" source. Since the swap was
previously encrypted, it is a "good" random source.
--
/* Fuck me gently with a chainsaw... */
2.0.38 /usr/src/linux/arch/sparc/kernel/ptrace.c
Reply to: