Then you can use a hardware token so that the machine will not boot at all
with out it present or write an encrypted super block, but I can't really
see the advantage of encrypted swap. At the point it would become
effective, the attacker is already on the machine (from remote access or
the have physical access) and then its not if you can keep them from
getting the info, its only a matter of when.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/