Subject: Re: encrypted swap?
To: Michael K. Sanders <eeh@netbsd.org>
From: Todd Vierling <tv@pobox.com>
List: tech-security
Date: 06/04/2001 11:28:45

On Mon, 4 Jun 2001, Michael K. Sanders wrote:

: Has anyone looked at the encrypted swap option Niels Provos added
: to UVM in OpenBSD?

Encryption of swap at the swap-handling level, if this is what the option
you allude to does, is a bit too specific of a feature.  To explain:

On 4 Jun 2001 eeh@netbsd.org wrote:

: There's little point in worrying about encrypted swap before you
: implement encrypted filesystems.  (And even then, once you've
: implemented an encrypted filesystem you can swap to an encrypted file,
: so encrypting or even zeroing swap is silly even then.)

All you really need is an encrypted block device layer, similar in concept
to ccd.  You can even have swap *partitions* inside such a beast, or any
other kind of data, including filesystems.  Oracle device-level databases
(which have a great speed boost over file-based ones) come to mind as another
non-fs application.

Now, this was supposedly implemented by one of the TNF developers, then
"lost in the ether"...?

-- 
-- Todd Vierling (tv@pobox.com)