[dm-crypt] Encrypt all partitions with dm-crypt

Arno Wagner arno at wagner.name
Thu Sep 6 21:58:10 CEST 2012

On Thu, Sep 06, 2012 at 07:53:09PM +0200, Heinz Diehl wrote:
> On 06.09.2012, Arno Wagner wrote: 
> > Encrypted swap is generally fine, as long as it gets a random
> > encryption key on system boot.
> This statement implies that swap is insecure if it doesn't get a
> random encrption key on system boot. Why do you think it is?

I was thinking about automatic swap set-up. If you do that
with a non-random key, you have to store it somewhere and that 
will be a problem. This assumes that encrypted swap is
completely independent from the presence (or absence) of any 
other encryption.

Or are you asking why unencrypted swap is insecure?

Arno Wagner,    Dr. sc. techn., Dipl. Inform.,   Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
One of the painful things about our time is that those who feel certainty 
are stupid, and those with any imagination and understanding are filled 
with doubt and indecision. -- Bertrand Russell 

More information about the dm-crypt mailing list