Hi!
> A better approach is to simply encrypt pages that are swapped out
> (either all swap, or configurable per user or per process).
>
> I think Markus Friedl implemented that for OpenBSD, and wrote a paper
> about it. I have no idea how hard it would be on the HURD. I guess the
> code would live somewhere in the (default) pager.
This has been done by Niels Provos for OpenBSD, not specifically for
OpenSSH. He has written a paper about it:
http://www.citi.umich.edu/u/provos/papers/swapencrypt.ps.gz
Martin
