[dm-crypt] Encrypt all partitions with dm-crypt
arno at wagner.name
Thu Sep 6 21:58:10 CEST 2012
On Thu, Sep 06, 2012 at 07:53:09PM +0200, Heinz Diehl wrote:
> On 06.09.2012, Arno Wagner wrote:
> > Encrypted swap is generally fine, as long as it gets a random
> > encryption key on system boot.
> This statement implies that swap is insecure if it doesn't get a
> random encrption key on system boot. Why do you think it is?
I was thinking about automatic swap set-up. If you do that
with a non-random key, you have to store it somewhere and that
will be a problem. This assumes that encrypted swap is
completely independent from the presence (or absence) of any
Or are you asking why unencrypted swap is insecure?
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
One of the painful things about our time is that those who feel certainty
are stupid, and those with any imagination and understanding are filled
with doubt and indecision. -- Bertrand Russell
More information about the dm-crypt