cryptoswap

The cryptoswap package supports building an encrypted swap partition when a system boots.

cryptoswap Ranking & Summary

  • License: GPL
  • Price: FREE
  • Publisher Name: Mike Petullo
  • Publisher web site: http://www.flyn.org/projects/cryptoswap/index.html

cryptoswap Description

The cryptoswap package supports building an encrypted swap partition when a system boots. This is necessary on systems that use encrypted filesystems, because plaintext secrets may be written to disk when memory is swapped out.

cryptoswap.sh should be installed in /etc/init.d. During system boot, cryptoswap.sh should execute right before checkroot.sh. When shutting down, cryptoswap.sh should execute after sysklogd.

This package also includes an initialization script for building a loopback-encrypted /tmp. This may be necessary if a system contains encrypted filesystems but / is not encrypted. A link from directories like /var/tmp to /tmp may be appropriate. There are a few other alternatives for systems such as these:

1. Tmpfs is a Linux kernel feature that allows /tmp to exist in memory. This is a good solution for systems with a lot of memory and/or (encrypted) swap.
2. If you have a system that uses encrypted home directories, per-user temporary directories inside $HOME could be used. This would ensure that users' data is protected, but would require that all applications use $HOME/tmp instead of /tmp.

Finally, the project may be used to create an encrypted root filesystem. Doing so requires two special partitions. First, create a small partition to hold your kernel and initrd image, /dev/hdaX. Second, create a large partition to contain the root of your filesystem, /dev/hdaY.

Next, configure and install an initrd-based boot system:

1. Ensure romfs is compiled into your kernel (not as a module).
2. Create a kernel-supported filesystem on /dev/hdaX and copy your kernel to /vmlinux.
3. Download busybox and extract it as initrd/busybox.
4. Update initrd/src/etc/modules.initrd to include any modules needed to boot.
5. Build cryptoswap's initrd image (cd initrd && make initrd) and copy it to the filesystem on /dev/hdaX at /initrd.img.gz.
6. Make sure you use literal = "root=/dev/ram0 init=/linuxrc rw" or LILO equivalent.

Finally, create a proper encrypted filesystem on /dev/hdaY:

1. Randomize the partition: dd if=/dev/urandom of=/dev/hdaY
2. Set up a loopback device: openssl enc -d -aes-256-ecb -in initrd/src/etc/efsk | losetup -p0 -e aes /dev/loop0 /dev/hdaY
3. Create the root filesystem: mkfs.ext2 /dev/loop0
4. Mount your new root filesystem: mount /dev/loop0 .
5. Populate your new root filesystem.

What's New in This Release:

· Added initrd build environment.
· Documentation update.
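The description above warns that swap on a plain partition lets plaintext secrets reach the disk. As an added example (not part of the cryptoswap package), the shell functions below read a file in /proc/swaps format and flag every swap area that is not on a loop or device-mapper device. The device-mapper case, the function names and the sample data are assumptions that go beyond what the page covers.

```shell
#!/bin/sh
# Added example, not cryptoswap code: audit where active swap areas live.

classify_swap() {
    # $1 = device or file name as listed in the first column of /proc/swaps
    case "$1" in
        /dev/loop[0-9]*)              echo "loop" ;;  # encrypted only if set up with losetup -e
        /dev/mapper/*|/dev/dm-[0-9]*) echo "dm" ;;    # assumption: may be a dm-crypt mapping
        /dev/*)                       echo "plain-partition" ;;
        *)                            echo "plain-file" ;;
    esac
}

audit_swaps() {
    # $1 = file in /proc/swaps format (default: the live /proc/swaps)
    swaps_file="${1:-/proc/swaps}"
    rc=0
    # The second test keeps a final line that lacks a trailing newline.
    while read -r name rest || [ -n "$name" ]; do
        [ "$name" = "Filename" ] && continue   # header line
        [ -z "$name" ] && continue             # blank line
        kind=$(classify_swap "$name")
        case "$kind" in
            loop|dm) echo "CHECK $name ($kind): confirm encryption is enabled on this mapping" ;;
            *)       echo "FAIL  $name ($kind): swapped pages reach the disk in plaintext"
                     rc=1 ;;
        esac
    done < "$swaps_file"
    return "$rc"
}

sample_swaps() {
    # Constructed sample, not taken from a real host.
    printf 'Filename\t\t\t\tType\t\tSize\tUsed\tPriority\n'
    printf '/dev/loop0\tpartition\t1048568\t0\t-1\n'
    printf '/dev/hda3\tpartition\t524280\t0\t-2\n'
}

# Demo on the constructed sample; pass no argument to audit the live system.
tmp=$(mktemp)
sample_swaps > "$tmp"
audit_swaps "$tmp" || echo "at least one swap area is not on an encrypted-capable device"
rm -f "$tmp"
```

A CHECK line is not proof of encryption: a loop device can be set up without a cipher, so the mapping itself still has to be inspected.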