On 8/14/07, Pavel Machek <[EMAIL PROTECTED]> wrote: > Hi! > > I'd like to commit > > Suspend encryption > ~~~~~~~~~~~~~~~~~~ > > Encryption in suspend.sf.net uses RSA internally; reason is that we > want to only prompt for passphrase on resume. So, during suspend, > image is effectively encrypted with public key, and during resume, > user has to first decrypt private key using passphrase, which then > decrypts the image. > > as a README.encryption . Ok? Any improvements? > Pavel
Hello Pavel, The documentation is OK, but: I think that adding the PK logic into suspend is an overkill... Best to support only symmetric operations, and load symmetric key from a file/handle as losetup does. This allows integration with gpg or smartcard based storage. A sample of implementation can be found at: http://wiki.tuxonice.net/EncryptedSwapAndRoot Best Regards, Alon Bar-Lev. ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Suspend-devel mailing list Suspend-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/suspend-devel
