[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] How do I encypt the swap (partition[s]) under SuSE 9.3 Prof ?
> Can anyone tell me how to encrypt swap under SuSE
> 9.3? This is standard on Mac's and should be as well possible in
On a SUSE 9.2 (default-kernel) system it was almost trivially easy to
set up an encrypted swap, IIRC.
You can try this for your 9.3:
put an entry like
/dev/hdXX swap swap sw,loop=/dev/loopNNN,encryption=AES256,pri=99 0 0
in your /etc/fstab. The "pri=..." part is optional, and you may select
different algrithms for the "encryption=..." part (read the man pages
Replace "XX" with your designated swap device, and replace NNN with a
number from 0-15 to select a loop device (0-15 loop devices seem to be
standard in S92). I use loop 5 and 6, FWIW.
Check with lsmod if you have the AES (or your selected encryption)
module running; I believe it wasn't even necessary to modprobe the
module somewhere in /etc/init.d, but I am not sure about that now.
(My lsmod output shows "aes_i586 .....")
Then, just run "swapoff -a" (just to be sure) and "swapon -a", and
you're all set.
Get back to the list or to me if it doesn't work right away;
my failing memory might be missing some minor step since it's been
a while ...
> PS: Sorry for writing in German on the first posting. Should not happen again ;-)
I hadn't even noticed: ik spreken deuts (sogar richtiges :-) )
(sorry for replying to Chris instead of the list the first time)
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here