Subject: Re: questions about netbsd
To: David Maxwell <david@vex.net>
From: Paul de Weerd <paul@mail.me.maar.nu>
List: port-i386
Date: 02/10/2003 02:25:13
On Sun, Feb 09, 2003 at 06:59:11PM -0500, David Maxwell wrote:
| > Another question: Can i encrypt the swap space on netbsd?
|
| Not by flipping a switch on your swapspace, but yes, by swapping to a
| file on an encypted filesystem, for example.
I would prefer a native encryption in such cases. Swapping to a file
sounds like more overhead (although I could be mistaken).
| What attack scenario are you concerned about, such that you want that
| feature?
What's the use of an encrypted filesystem if you have no encrypted
swap ?
Please see http://www.openbsd.org/papers/swapencrypt.ps for more
information on swap encryption and it's implementation in OpenBSD.
Cheers,
Paul 'WEiRD' de Weerd
--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/