Dale Amon wrote: > I see that Jarl overwrites with zeroes 20 times on startup > in an attempt to destroy information from the previous > session; however reboot time would seem a bit late to > do this. Many machines never power down except for a > hardware change or kernel update. Even my home workstation > hasn't been rebooted in 10 days. My script reads a md5sum of first 40 KB of previously encrypted swap and uses that as additional entropy for _new_ swap encryption key. 20 overwrites are there to fade out existing traces of that data so that entropy for _new_ key can not be recovered. Later on in the script, that same 40 KB is overwritten once more using encrypted "zero" data, and possibly at runtime with encrypted "swap" data. > Perhaps there should be a stop script in which the > "overwrite ten times" occurs instead/also. No need for that. Swap data is encrypted using unknown key. > Is there any *practicable* way to randomize the swap > file contents before we losetup? No need to do that. Only data that gets written to swap needs to be encrypted. It does not matter if an attacker knows which sectors were written as long as one is using a strong algorithm. > Another question: if you run this script and there is > a swap space already created, your password will go > into it, so you had better make sure this is the > first swap on. This would catch either script. losetup/mount programs lock their RAM so that they cannot be swapped. Shells, uuencode and other programs do not. Regards, Jari Ruusu <jari.ruusu@xxxxxxxxxx> Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
