Re: encrypted swap
Bill Rugolsky Jr. (rugolsky@ead.dsa.com)
Tue, 7 Aug 2001 16:17:23 -0400
On Tue, Aug 07, 2001 at 12:48:34PM -0700, Justin Guyett wrote:
> As someone just pointed out, if the laptop's suspended, the password for
> encrypted swap pretty much has to be in ram, unless you're going to add
> hooks in resume such that before anything even starts running again
> (possible?) it prompts for the decryption password. Otherwise, you can't
> block swap access, and if the data's encrypted, seems like that will crash
> the machine.
Well, one can suspend the machine with swsusp, and supply a passphrase
as a kernel boot option. It is essential to overwrite all copies of that string,
of course. :-)
Regards,
Bill Rugolsky
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/