Encrypted swap on openSuSE 10.3 64-bit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello!

Last week I installed openSuSE 10.3 (64-bit) on a spare hard drive for testing. Now the setup of an encrypted swap partition is supported as part of the installation process. However, encrypting the entire drive still remains fancywork. The installer asks for a password, no keys are generated for external storage. When booting, the password has to be entered in order to access the swap partition. Below is the result of "less -f /dev/sda1" which serves as encrypted swap.


LUKS272276^@^Aaes^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@cbc-essiv:sha256^@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@sha1^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^D^H^@^@^@
^P^Y^H^]a2323239265217*^V363311356305^W362230375300222^Z220.^BiY367207334371255<U+0527>$`^V314327*6
+306w3615301K200^Y^@^@^@
bb4ef524-30f7-4358-b235-6487e7b82514^@^@^@^@^@254q363^@^E362256|343^G314U367236356
[...]

My eyes have seen enough at this point. openSuSE provides your attackers with crucial information. At first glance the encryption via LUKS using AES in cbc-essiv mode with some sha256 hash is revealed. From now on you might be target for further interrogation and torture.
This posting is meant as a notice only.

Kind regards,
Peter
-- 
GMX FreeMail: 1 GB Postfach, 5 E-Mail-Adressen, 10 Free SMS.
Alle Infos und kostenlose Anmeldung: http://www.gmx.net/de/go/freemail

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux