I haven't read where anyone has done this yet, but it is quite simple to use CryptoAPI for swap devices. Looking back at the list archives I see that this is very similar to Jari's scheme for swap encryption with Loop-AES. Here's how I did it:

1. # dd if=/dev/zero of=/SWAP bs=1M count=64
2. # dd if=/dev/urandom bs=1 count=32 2> /dev/null | \
     uuencode -m - | cut -c8-29 | tail -2 | head -1 | \
     losetup -e aes -k256 -p0 /dev/loop7 /SWAP
3. # mkswap /dev/loop7
4. # swapon -p1 /dev/loop7

And there you have 64MB of encrypted swap. You could run it from a startup script. You can even use a device, such as a disk partition, in place of the /SWAP file; just omit the first command. (You also wouldn't need the first command for an existing swap file.) Oh, and I suppose I forgot to put "modprobe cryptoloop" as the real first command.

Jari mentioned a potential problem of /dev/urandom lacking in entropy at boot time. I thought of a partial solution to that: make a script to swapoff and do it over again, and run it daily, from root's crontab (preferably at a non-busy time, of course.) Then you would only be vulnerable for the first day after booting.

Notes and questions:

Line 2 is ugly, running four separate processes to generate the password! Does anyone have any suggestions to improve it?

Also note that I used 256-bit AES. For my use speed would be more important than top security, so should I perhaps use Blowfish? What key length would be best? Does the number of characters in the password (see that I have used 22) matter?

You get a complaint from swapon -v if your /dev/loop* permissions aren't right. Mine (Slackware 8.0) was root:root 0644, and swapon said it ought to be 0660.

I don't suppose you would get away with having these swap devices listed in your fstab. That would all depend upon what point in your startup sequence that the "swapon -a" command runs. It should work if you put the other commands first.

Jari mentioned having some reliability problems with his. I haven't had a chance to test mine out yet. Under a light load it's doing fine with loop7 (the /SWAP file) and loop6 (a disk partition) as encrypted swap devices, while I also have another disk partition of unencrypted swap.

Comments and suggestions will be appreciated. As always, thanks to HVR and Jari and others who are developing cryptographic software.

Rob - /dev/rob0

Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
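The daily re-keying script suggested in the message above, written out as an added example that is not part of the original post. It assumes the same CryptoAPI-patched losetup options the post uses (-e aes -k256 -p0); the names gen_passphrase, run, rekey_swap, DRY_RUN and the --run argument are hypothetical.

```shell
#!/bin/sh
# Added example: re-key an encrypted swap loop device, e.g. from root's crontab.
# Assumption: the CryptoAPI-patched losetup from the post (-e aes -k256 -p0).

# Print a fresh 22-character passphrase: 32 random bytes, base64-encoded,
# then truncated. 22 base64 characters carry at most 132 bits of randomness.
gen_passphrase() {
    head -c 32 /dev/urandom | base64 | cut -c1-22
}

# Run a command, or only print it when DRY_RUN is set (for review and testing).
run() {
    if [ -n "${DRY_RUN:-}" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# rekey_swap LOOPDEV BACKING: tear down the old mapping and bring swap back
# under a new key. The key is never stored, so the old contents are unreadable.
rekey_swap() {
    dev=$1 backing=$2
    run modprobe cryptoloop || return 1
    # These two fail harmlessly on the first run after boot.
    run swapoff "$dev" 2>/dev/null || true
    run losetup -d "$dev" 2>/dev/null || true
    # The passphrase reaches losetup on fd 0 (-p0) and never touches disk.
    gen_passphrase | run losetup -e aes -k256 -p0 "$dev" "$backing" || return 1
    run mkswap "$dev" || return 1
    run swapon -p1 "$dev"
}

# Only act when invoked explicitly, e.g.: rekey-swap.sh --run /dev/loop7 /SWAP
if [ "${1:-}" = "--run" ]; then
    rekey_swap "$2" "$3"
fi
```

Setting DRY_RUN=1 before calling rekey_swap prints the command sequence without touching the loop device or swap.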