
Re: Cryptoswap -- was Re: raw disk access



Hi!

* Martin Hermanowski <martin@martin.mh57.net> [20030116 01:18]:
> On Wed, Jan 15, 2003 at 06:26:32PM -0500, Hubert Chan wrote:
> > >>>>> "Andreas" == Andreas Kotes <count@c-base.org> writes:
> > Andreas> patch-int is all of the above combined, for (optional)
> > Andreas> compilation into the kernel.
> > 
> > That would have been my guess too.
> > 
> > BTW, I've also grepped through the cryptoapi and cryptoloop sources, and
> > they seem to be only allocating memory at initialization and in the
> > digest functions too (which would be expected).  Yay!  I guess I'll be
> > setting up encrypted swap soon!  :-)

(sure - patch-int is cryptoapi+cryptoloop+ipsec_tunnel - see
http://www.kerneli.org/about/)

> Is it possible to use swsusp and crypto-swap? I'd say no, because there
> is no way for the kernel to get the key before swsusp resumes.

Agreed.

> Is there any other way to do this?

unless you use nvram or an external (cryptographic) token - no (storing
it on harddisk would be ridiculously stupid) .. I know of no current
implementation, but this could be done using e.g. Java iButtons,
SmartCards (e.g. Schlumberger Cryptoflex), USB Tokens and the like.
You'd want to authenticate against the USB Token on resume, though.

   Count

-- 
Andreas Kotes - ICQ: 3741366 - The views expressed herein are (only) mine.
Unser Leben ist das, wozu unser Denken es macht. -- OpenPGP key 0x8F94C228
Our Life is what our thinking makes it.. Your mind is a weapon! Load it ..
