[ltp] Suspend with crypted swap?

U Kuehn linux-thinkpad@linux-thinkpad.org
Fri, 07 Sep 2007 15:54:42 +0200


Igor,

Igor V. Rafienko wrote:
> 
> All the other data is public.
> 
> It make sense to encrypt /tmp too, but what sensitive information, do
> you think, is available from /, which does not come from /home or swap?
> The only thing I can think of is the wpa_supplicant.conf, but it is
> easier to move it to an encrypted partition (rather than encrypt /).
> 

Just assume that you have mounted an encrypted partition, like /home.
The key is in the kernel in clear. Luckily the kernel will overwrite the
key on unmapping a dm-crypted device, otherwise the key might hang
around an unknown time in some freed kernel memory before being overwritten.

Or think of thunderbird keeping your gnpg passphrase around for, say, an
hour. It is in clear or in a form that can be recovered from a memory dump.

Always remember that suspend-to-disk writes a memory dump to the
hibernation file like the swap partition. So all the mentioned secrets
are written in clear to disk if the hibernation file is not encrypted.

Is this enough reason for you to suspend into encrypted swap?

Regards,
Ulrich