Tor uses swap?
Gregory Maxwell
gmaxwell at gmail.com
Tue Jan 4 15:13:00 UTC 2011
OT, I know, but this is information that all tor node operators should have.
On Tue, Jan 4, 2011 at 8:25 AM, <andre76 at fastmail.fm> wrote:
> I sure would LOVE to know an easy way to encrypt my swap. My plan had
> been to do a fresh reinstallation of Ubuntu 10.04 on my dual-boot
> machine but I got to the "encrypt the disk" portion of the installation
> using Alternate CD and quit. There were too many questions or settings
> that I had no idea what to enter.
If you have a separate swap partition it is very easy to encrypt it on
all GNU/Linux systems.
If you use an ephemerally keyed swap you don't even have to provide a
password at boot— it will use a new random key at every reboot.
First edit /etc/crypttab, and add a line (or create the file):
swap /dev/sda9 /dev/urandom swap,cipher=aes-lrw-plain,size=256
(replace "sda9" with the name of your swap device, "swapon -s" will
tell you. It is important that you get this right.)
Then edit /etc/fstab and change the swap line to
/dev/mapper/swap swap swap defaults 0 0
Reboot and your swap will be encrypted (cryptsetup status swap will
give you information on the volume).
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list