Linux Mint - Free and powerful

Tuesday, 4 January 2011

Encrypting the swap file in Linux

This one is a bit of a tricky one. There are ways to read the swap file but it is all black ops stuff. In general there is no file structure, but once you hibernate or sleep, data is written to the swap file.

As I am encrypting my disks I may as well encrypt the swap file as well. Encryption is required for me for a number of reasons.

The first is controversial and not a good reason but hey, it is my system ok.

1. Plausible deniability  

Basically it is like in the movies when Americans plead the 5th amendment. Of course I have nothing to hide today but everything can be misconstrued. A harmless-looking page could be the trigger that was not really needed. Access to an application could trigger a silent event generator. Etc. etc.

2. Random theft.

I have "lost" one disk. It was taken by a colleague and unfortunately it was an important disk with data that I would rather not have shared. After profiling my colleague I came to the conclusion that my ext3 disk would be safe, as anything outside MS Windows would create a blank stare, so I decided not to make a big issue out of losing a 320Gb drive. Still ...

3. Negligence.

We all know what happened to the Apple dude who left his super secret iPhone on a barstool. Do you really want to piss Steve Jobs off? Did not think so. Better to be safe than sorry.

4. Willful theft.

This is a bad one. Here an expert will try and get your stuff. Think of Sydney Bristow, and if your disk is not encrypted you are going to have a bad day!

5. Incompetent officers of the law.

Do you remember Sly saying "I AM THE LAWWWWWW"? Well, those fcking idiots do exist. They will do anything to get a hard on and if you have stuff that is easy to read they will have your ass. I am not saying that you should be a baddy but how many wrongful arrests do you know of?

Your short innocent visit to a naturist website could have you locked up for many years and will have you sign a register every month. Not funny when that was not your intention, but how to explain that to a bunch of zealots out to make an example of you.

Better to just avoid these scenarios and go for option 1, Plausible Deniability. So here is how you secure your systems to provide at least a first hurdle for overzealous id-jats.

Remove your swap entry from /etc/fstab and reboot.

apt-get install cryptsetup libpam-mount

swapoff /dev/sd??

dd if=/dev/urandom of=/dev/sd?? bs=1M

gedit  /etc/crypttab

cryptoswap /dev/sd?? /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,hash=sha256,swap

gedit  /etc/fstab

/dev/mapper/cryptoswap none swap sw 0 0

Reboot and then issue

cryptsetup status cryptoswap
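
A way to check the two files edited above before rebooting, as an added example that is not part of the original post. The function name audit_swap and the sample files are constructed for illustration; it only reads the files it is given.

```shell
#!/bin/sh
# Added example (not from the original post): audit crypttab + fstab copies.
# audit_swap CRYPTTAB FSTAB -> prints findings; returns 0 only when every
# fstab swap entry is a crypttab "swap" mapping keyed from a random device.
audit_swap() {
    awk '
        $1 ~ /^#/ || NF < 3 { next }          # skip comments and blank lines
        FILENAME == ARGV[1] {                 # first file: crypttab
            if (("," $4 ",") ~ /,swap,/) {    # mapping carries the swap option
                seen = 1
                mapped["/dev/mapper/" $1] = 1
                if ($3 != "/dev/urandom" && $3 != "/dev/random") {
                    print "FAIL: " $1 " is not keyed from a random device"
                    bad = 1
                }
            }
            next
        }
        $3 == "swap" && !($1 in mapped) {     # second file: fstab
            print "FAIL: plaintext swap in fstab: " $1
            bad = 1
        }
        END {
            if (!seen) { print "FAIL: no crypttab entry with the swap option"; bad = 1 }
            if (!bad) print "OK: swap is encrypted with a per-boot random key"
            exit bad + 0
        }' "$1" "$2"
}

# Constructed sample files; /dev/sd?? is the post's placeholder, kept literal.
tmp=$(mktemp -d)
printf '%s\n' '# <name> <device> <key> <options>' \
  'cryptoswap /dev/sd?? /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,hash=sha256,swap' \
  > "$tmp/crypttab"
printf '%s\n' '/dev/mapper/cryptoswap none swap sw 0 0' > "$tmp/fstab.good"
printf '%s\n' '/dev/sd?? none swap sw 0 0' > "$tmp/fstab.stale"  # old entry left in
audit_swap "$tmp/crypttab" "$tmp/fstab.good" || true
audit_swap "$tmp/crypttab" "$tmp/fstab.stale" || true
rm -rf "$tmp"
```

On a live system run `audit_swap /etc/crypttab /etc/fstab`. Because the key is read from /dev/urandom at each boot and never stored, a hibernation image written to this swap cannot be resumed after a power cycle.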

The journey continues :-)


Web sites come and go and information is lost and therefore some pages are archived. @rayd123.