[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor uses swap?

OT, I know, but this is information that all tor node operators should have.

On Tue, Jan 4, 2011 at 8:25 AM,  <andre76@xxxxxxxxxxx> wrote:
> I sure would LOVE to know an easy way to encrypt my swap. ÂMy plan had
> been to do a fresh reinstallation of Ubuntu 10.04 on my dual-boot
> machine but I got to the "encrypt the disk" portion of the installation
> using Alternate CD and quit. ÂThere were too many questions or settings
> that I had no idea what to enter.

If you have a separate swap partition it is very easy to encrypt it on
all GNU/Linux systems.

If you use an ephemerally keyed swap you don't even have to provide a
password at bootâ it will use a new random key at every reboot.

First edit /etc/crypttab, and add a line (or create the file):

swap /dev/sda9 /dev/urandom swap,cipher=aes-lrw-plain,size=256

(replace "sda9" with the name of your swap device, "swapon -s" will
tell you. It is important that you get this right.)

Then edit /etc/fstab and change the swap line to

/dev/mapper/swap        swap                    swap    defaults        0 0

Reboot and your swap will be encrypted (cryptsetup status swap will
give you information on the volume).
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/