Re: Wiping Swap Partitions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



n Wed, 07 May 2003 18:53:00 +0300
Jari Ruusu <jari.ruusu@xxxxxxxxxx> wrote:

> Sam Simpson wrote:
> > I'm thinking of using the following on shutdown:
> > 
> > swapoff -a
> > dd if=/dev/zero of=/dev/hda1 bs=1024k count=64
> > sync
> > mkswap /dev/hda1
> > sync
> > swapon -a
> > 
> > (after checking that hda1 is swap ;).  Any comments or improvements?
> 
> If you are using loop-AES, just set up encrypted swap like this:
> 
> First, run "swapoff -a" to turn off swap devices in your /etc/fstab file.  
> Second, add "loop=/dev/loop?" and "encryption=AES128" options to swap lines
> in your /etc/fstab file. Example:
> 
>  /dev/hda666   none   swap   sw,loop=/dev/loop6,encryption=AES128   0   0  
>                                 ^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^
> Third, run "swapon -a" and "rm -rf /var/log/ksymoops" and you are done.
> 
> Running "swapon -a" will set up loop devices using random keys, run mkswap
> on them, and enable encrypted swap on specified loop devices. Usually your
> distro's startup scripts will run the "swapon -a" command so you don't need
> to change your startup scripts at all. As expected, "swapoff -a" will tear
> down such loop devices.
> 
> Regards,
> Jari Ruusu <jari.ruusu@xxxxxxxxxx>
> 
> -
> Linux-crypto:  cryptography in and on the Linux system
> Archive:       http://mail.nl.linux.org/linux-crypto/
> 
> 

Is that work with kernelI (with losetup and mount) patch?
Any kernel Int cipher may be selected?

  

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux