On Fri, Dec 14, 2007 at 05:45:11PM +0200, Lars Nood??n wrote: > Otto Moerbeek wrote: > > On Fri, Dec 14, 2007 at 01:02:42PM +0100, knitti wrote: > > > >> Gilbert, Douglas, > >> > >> swap encryption on OpenBSD is done different than what you > >> advise. just use a sysctl for vm.swapencrypt.enable. Much less > >> maintenance headaches. > > > > besides, since a few releases it has been enabled by default. > > > > -Otto > > It's not that clear if it is, at least on the version of OpenBSD 4.2 I > have. It's very much a plain vanilla setup however, /etc/sysctl.conf says: > #vm.swapencrypt.enable=0 # 0=Do not encrypt pages that go to swap > > To me that implies that the swap is not encrypted by default. > > However, checking sysctl vm.swapencrypt.enable shows that it *is* > enabled by default. > > What would be the correct method for asking for the default sysctl.conf > to be updated? > > -Lars
sysctl.conf does not show commented out default values, but suggested alternatives to default values. -Otto