Subject: Re: encrypted swap?
To: Michael K. Sanders <email@example.com>
From: Todd Vierling <firstname.lastname@example.org>
Date: 06/04/2001 11:28:45
On Mon, 4 Jun 2001, Michael K. Sanders wrote:
: Has anyone looked at the encrypted swap option Niels Provos added
: to UVM in OpenBSD?
Encryption of swap at the swap-handling level, if this is what the option
you allude to does, is a bit too specific of a feature. To explain:
On 4 Jun 2001 email@example.com wrote:
: There's little point in worrying about encrypted swap before you
: implement encrypted filesystems. (And even then, once you've
: implemented an encrypted filesystem you can swap to an encrypted file,
: so encrypting or even zeroing swap is silly even then.)
All you really need is an encrypted block device layer, similar in concept
to ccd. You can even have swap *partitions* inside such a beast, or any
other kind of data, including filesystems. Oracle device-level databases
(which have a great speed boot over file-based ones) come to mind as another
Now, this was supposedly implemented by one of the TNF developers, then
"lost in the ether"...?
-- Todd Vierling (firstname.lastname@example.org)