--SLDf9lqlvOQaIe6s
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

On Mon, Feb 10, 2003 at 12:38:50PM +0100, Paul de Weerd wrote:
> What if the encryption key used to encrypt your cgd device is stored
> in unencrypted swap ?
>=20
> I'm not saying encrypted fs's are useless without encrypted swap, just
> that there is the point you made - don't delude yourself into thinking
> you're unltimately secure with cgd and unencrypted swap.

Uhm, this hint might have been given upthreads already, but you can use
cgd with a random, secret key as your swap device. At least this is mention=
ed
in the documentation.

However, your cpulage will go up a lot on ancient workstations.

Regards,
	-is

--SLDf9lqlvOQaIe6s
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

iQEVAgUBPkertjCn4om+4LhpAQGHPAf9Fjf73XX8QzhqVY9Jyf4w10w+mtEOmPra
+STmtEn0os83/jFhS44wCAqHSgYDwYsRnvNg1oNXs/RBbIK0+d3CBK3JBiXBppZc
E+4dcpPv+OLS9cRksmux79AGsoXH7o+FM2PmUqiyen42vCMf4cvU9vl73gLBULDl
d5jGupqksND1d+psrvcgeuK48KetaQzFZM3YnABU8djBojqnTUhyAX+2H8UxhGMN
xIo+0eW5BPPNEbGfx1tbPwY7YamTyh3fqhUvzQVPsynB+ig4GYV1Gbth15BDkWl4
XOeqQzJPbVhRXu1SGAlR2jz4SnHT4lOMFv/ja3LX9RsIXEPJODCOPQ==
=Vhib
-----END PGP SIGNATURE-----

--SLDf9lqlvOQaIe6s--