Thanks Ronny for the pointers, but I am still wondering, when enough RAM has been freed, why should swap hang on to the objects that were kept there? Why not release them, the way RAM does? (Here I am assuming that you are not doing any form of caching in the RAM)
On Tuesday 27 December 2005 11:39, Ronny wrote: > Thank God am still alive probably my day hasn't come yet. Well am not a > security freak to that extent but he has a point. :-) > > > 1 Encrypting your swap space > > /It's extremely important to encrypt swap space because if something > sensitive is swapped out from ram to hard drive space you might end up > needing to run DBAN over the hard drive for the best part of a week to > make sure no one else can get it. > loop-aes makes it very simple to encrypt swap space, and to boot it > generates and uses a new random key each time. To enable this, simply > modify your fstab entry for swap space:/ > > http://wiki.cacert.org/wiki/LoopAES#head-27cdf2c16fa1b7c4a364a5c2d57db5e492 >2c429c > > > /2 Encrypted swap space is pretty much a prerequisite for everything else > because you don't want data that's encrypted on another device lying > around decrypted in swap space. Fortunately this as well as encrypted > file system volumes > > https://www.redhat.com/archives/fedora-devel-list/2004-July/msg00251.html > > 3 etc... :-) Unfortunately I have nothing to hide sofar > Ronny > Happy new year > / > > ******************************************************************* > PGP Fingerprint: 6695 794A B84E D922 88FB 73CC 6CBD 8036 B3CD 7304 > We can't become what we need to be by remaining what we are > ******************************************************************* > > Lule George William wrote: > >Dear all, > >Hope all of you are still alive after Christmas. Been researching on > > something but stumbled on a posting where some guy is asking for help on > > how to encrypt the swap partition, but he didn't say why he wants to > > encrypt it. I have tried to look at it from different perspectives, but > > considering the circumstances that would force a machine to swap and when > > it does, the time data spends in swap, I still have failed to see why > > someone would need to encrypt swap. Can someone help me on this before I > > dismiss the fellow as an over zealous security freak? -- ************************************************************************ Lule George William (Mr) Network and Systems Administrator Uganda Martyrs University, Nkozi P.O. Box 5498 Kampala Uganda /* The only reason some people are alive is because it is illegal to shoot them */ _______________________________________________ LUG mailing list [email protected] http://kym.net/mailman/listinfo/lug %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The List's Host is not responsible for them in any way. ---------------------------------------
