Date: Sat, 11 Jan 2003 15:16:11 +0100 From: Christian Brueffer <chris@unixpages.org> To: Lucky Green <shamrock@cypherpunks.to> Cc: freebsd-current@FreeBSD.ORG Subject: Re: 5.0 without swap Message-ID: <20030111141610.GJ10036@unixpages.org> In-Reply-To: <00ba01c2b95a$8d385670$6601a8c0@VAIO650> References: <20030111110819.1be840f1.flynn@energyhq.homeip.net> <00ba01c2b95a$8d385670$6601a8c0@VAIO650>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Sat, Jan 11, 2003 at 02:16:45AM -0800, Lucky Green wrote: > Miguel wrote: > > Having no swap will prevent you from getting crashdumps in > > case of panic which, if you run 5.0, is not that unusual. > > Besides these days harddrives cost $1/GB, so why not setup > > the swap partition anyway? > > I don't want cleartext cryptographic keys to ever touch magnetic media, > thus potentially opening the door to future forensic analysis. > > --Lucky, who thought that he once, many years ago, read that there was a > kernel option one should set if you have no swap partition. > > It seems like you can encrypt swap with GBDE, at least that's what one item at http://www.freebsd.org/releases/5.0R/todo.html says. The manpage doesn't mention encrypting swap though. - Christian -- http://www.unixpages.org chris@unixpages.org GPG Pub-Key : www.unixpages.org/cbrueffer.asc GPG Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D GPG Key ID : 0xA0ED982D [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+ICcqbHYXjKDtmC0RAkwnAKC7NxQal9M17c1QtfHGLPN/MCatsQCg33ET t0oj0XP7NCfihO9jjHG/inI= =jqNd -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030111141610.GJ10036>