On Tuesday 04 June 2002 12:41 pm, Shawn P. Neugebauer wrote:
> On Monday 03 June 2002 10:25 pm, you wrote:
> [snip]
>
> > > > Why bother encrypting my swap? Lotsa passwords go in there in
> > > > plaintext, easily recoverable with a boot disk.
> > >
> > > Hrm, I'd argue that this isn't true. Many applications specifically
> > > pin pages so they aren't swappable (i.e. ssh). Not to mention a
> > > healthy Linux box shouldn't be swapping bins out to disk while they are
> > > being actively used. Have you ever found a password there?
> >
> > Yea, I grep'ed it for fragments of several passwords I use and found
> > them.
>
> I'm a little skeptical. What size fragment? Statistically, you may find
> an arbitrary sequence if it's short enough. Did you actually try this
> after having booted with a boot disk?

I did it on an unused swap partition. My root password is over 12 chars
long, and it found it twice before I stopped it.

> In short, I think one has to be severely paranoid to want to pay the
> costs (performance, physical security, time, labor, risk of data
> loss--forgetting password--etc.) associated with this. A cost/benefit
> analysis is called for.

No risk of data loss (it's set up as a loopback device encrypted with a
random password, then a new swap filesystem is created on it), and the
performance loss isn't noticeable.

_______________________________________________
vox-tech mailing list
[EMAIL PROTECTED]
http://lists.lugod.org/mailman/listinfo/vox-tech
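
The two checks discussed in this thread, as an added example that is not part of the original messages: a chunked scan of a swap image for a secret you already know, and the chance-match baseline behind the "what size fragment?" question. The function names and the sample secret are hypothetical, the image is constructed in memory, and the baseline assumes uniformly random bytes, which real swap contents are not.

```python
import io

def expected_chance_hits(fragment_len: int, haystack_len: int, alphabet: int = 256) -> float:
    """Expected matches of one fixed fragment in uniformly random data.

    Baseline assumption only: a short fragment is expected to turn up by
    chance, a 12-byte one effectively never is.
    """
    positions = max(haystack_len - fragment_len + 1, 0)
    return positions / alphabet ** fragment_len

def count_occurrences(stream, needle: bytes, chunk_size: int = 1 << 20) -> int:
    """Count occurrences of needle in a binary stream without loading it whole.

    The last len(needle)-1 bytes of each buffer are carried over, so a match
    that straddles a chunk boundary is found, and found only once.
    """
    if not needle:
        raise ValueError("needle must not be empty")
    keep = len(needle) - 1
    count, tail = 0, b""
    while chunk := stream.read(chunk_size):
        buf = tail + chunk
        idx = buf.find(needle)
        while idx != -1:
            count += 1
            idx = buf.find(needle, idx + 1)
        tail = buf[-keep:] if keep else b""
    return count

def build_constructed_image(secret: bytes, page: int = 4096) -> bytes:
    """Constructed stand-in for a swap partition: zero pages with two copies
    of the secret, one of them straddling a page boundary."""
    image = bytearray(3 * page)
    image[page - 5:page - 5 + len(secret)] = secret
    image[2 * page + 100:2 * page + 100 + len(secret)] = secret
    return bytes(image)

if __name__ == "__main__":
    secret = b"constructed-pw-0042"  # constructed sample, not a real password
    image = build_constructed_image(secret)
    hits = count_occurrences(io.BytesIO(image), secret, chunk_size=4096)
    print(f"full-length hits: {hits}")
    for n in (3, 6, 12):
        # 512 MiB of random bytes as the comparison size (assumed)
        print(n, "bytes:", expected_chance_hits(n, 512 * 2**20), "expected by chance")
```

To audit a real machine, pass a file object opened in binary mode on your own inactive swap partition instead of the `io.BytesIO` image; reading the device normally requires root.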