From owner-freebsd-current Sat Jan 11 6:16:20 2003 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CAC5C37B401 for ; Sat, 11 Jan 2003 06:16:18 -0800 (PST) Received: from milan.hitnet.rwth-aachen.de (milan.hitnet.RWTH-Aachen.DE [137.226.181.144]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1653443E4A for ; Sat, 11 Jan 2003 06:16:13 -0800 (PST) (envelope-from chris@unixpages.org) Received: from gondor.middleearth (gondor.middleearth [192.168.1.42]) by milan.hitnet.rwth-aachen.de (Postfix) with ESMTP id 00117A91E; Sat, 11 Jan 2003 15:16:11 +0100 (CET) Received: by gondor.middleearth (Postfix, from userid 1001) id 7DF5844CA; Sat, 11 Jan 2003 15:16:11 +0100 (CET) Date: Sat, 11 Jan 2003 15:16:11 +0100 From: Christian Brueffer To: Lucky Green Cc: freebsd-current@FreeBSD.ORG Subject: Re: 5.0 without swap Message-ID: <20030111141610.GJ10036@unixpages.org> References: <20030111110819.1be840f1.flynn@energyhq.homeip.net> <00ba01c2b95a$8d385670$6601a8c0@VAIO650> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="x+RZeZVNR8VILNfK" Content-Disposition: inline In-Reply-To: <00ba01c2b95a$8d385670$6601a8c0@VAIO650> User-Agent: Mutt/1.4i X-Operating-System: FreeBSD 5.0-CURRENT X-PGP-Key: http://www.unixpages.org/cbrueffer.asc Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --x+RZeZVNR8VILNfK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jan 11, 2003 at 02:16:45AM -0800, Lucky Green wrote: > Miguel wrote: > > Having no swap will prevent you from getting crashdumps in=20 > > case of panic which, if you run 5.0, is not that unusual.=20 > > Besides these days harddrives cost $1/GB, so why not setup=20 > > the swap partition anyway? >=20 > I don't want cleartext cryptographic keys to ever touch magnetic media, > thus potentially opening the door to future forensic analysis. >=20 > --Lucky, who thought that he once, many years ago, read that there was a > kernel option one should set if you have no swap partition. >=20 >=20 It seems like you can encrypt swap with GBDE, at least that's what one item at http://www.freebsd.org/releases/5.0R/todo.html says. The manpage doesn't mention encrypting swap though. - Christian --=20 http://www.unixpages.org chris@unixpages.org GPG Pub-Key : www.unixpages.org/cbrueffer.asc GPG Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D GPG Key ID : 0xA0ED982D --x+RZeZVNR8VILNfK Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+ICcqbHYXjKDtmC0RAkwnAKC7NxQal9M17c1QtfHGLPN/MCatsQCg33ET t0oj0XP7NCfihO9jjHG/inI= =jqNd -----END PGP SIGNATURE----- --x+RZeZVNR8VILNfK-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message