encrypting SWAP by default



g4j
06-08-2006, 09:07 PM
I see that some time ago someone released a version of Knoppix 3.2 that would among other things encrypt the swap drive (http://www.bouissou.net/knoppix-mib/doc-html/Knoppix-Mib.html). In the current version of knoppix, is there an easy way to do this? I use an encrypted persistent home on a USB stick, but when I'm running on any box that has a swap partition, I know I'm leaving clear-text data behind.

Thanks

Dave_Bechtel
06-08-2006, 11:08 PM
--One way to do this is disable all type 82 partitions (swap) and comment them in /etc/fstab.

--Then create an encrypted filesystem, and also create a swapfile on that FS after mounting it:

[ insert cryptoloop instructions here ]

' mount blah /mnt/encrypted -odefaults,rw,noatime '

' cd /mnt/encrypted '
' time dd if=/dev/zero of=swapcrypt.swp bs=1M count=64 ' == Create 64MB zero-file
' chmod 700 swapcrypt.swp ' == Make sure only root can read it
' mkswap swapcrypt.swp ' == Make it into a swap area
' swapon swapcrypt.swp ' == Activate it
' swapon -s ' == Check it

--That said, see these links:

( Search for " Debian " on this page )
http://wiki.noreply.org/noreply/TheOnionRouter/OperationalSecurity

http://www.ussg.iu.edu/hypermail/linux/kernel/0108.0/1163.html

http://linuxfromscratch.org/pipermail/hints/2005-March/002819.html

http://www.gentoo.org/proj/en/hardened/disk-cryptography.xml


--I'm pretty sure OpenBSD has encrypted swap, if not by default then at least as an option.



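A way to check the result of the procedure in the reply above, as an added example that is not part of the original thread: it reads data in /proc/swaps format and an fstab, and reports any swap partition, any swap file outside the encrypted mount point, and any fstab swap entry that is still active. The function names and sample lines are constructed for illustration, and the script takes the mount point you pass (here /mnt/encrypted, as in the post) to be the encrypted filesystem.

```shell
#!/bin/sh
# Added example, not from the thread: audit that no clear-text swap is in use.

# Print active swap areas that can leave clear text on disk: every swap
# partition, plus any swap file outside the encrypted mount point.
# $1 = file in /proc/swaps format, $2 = encrypted mount point (assumed encrypted)
cleartext_swaps() {
    awk -v mnt="${2%/}/" '
        NR == 1 { next }                               # header line
        $2 == "partition" { print $1; next }
        $2 == "file" && index($1, mnt) != 1 { print $1 }
    ' "$1"
}

# Print the devices of fstab swap entries that are not commented out.
active_fstab_swaps() {
    awk '/^[[:space:]]*#/ { next } $3 == "swap" { print $1 }' "$1"
}

# $1 = swaps file, $2 = fstab, $3 = encrypted mount. Returns 0 when clean.
audit_swap() {
    bad=$(cleartext_swaps "$1" "$3")
    pending=$(active_fstab_swaps "$2")
    if [ -n "$bad" ]; then
        echo "$bad" | sed 's/^/active clear-text swap: /'
    fi
    if [ -n "$pending" ]; then
        echo "$pending" | sed 's/^/fstab still enables swap: /'
    fi
    [ -z "$bad" ] && [ -z "$pending" ]
}

# Constructed sample input, not captured from a real machine.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'Filename Type Size Used Priority' \
        '/dev/hda2 partition 524280 0 -1' \
        '/mnt/encrypted/swapcrypt.swp file 65528 0 -2' > "$d/swaps"
    printf '%s\n' '#/dev/hda2 none swap sw 0 0' \
        '/dev/hda5 none swap sw 0 0' > "$d/fstab"
    audit_swap "$d/swaps" "$d/fstab" /mnt/encrypted && rc=0 || rc=$?
    rm -rf "$d"
    return "$rc"
}

if [ "${1:-}" = demo ]; then demo; fi
```

On a live system, after sourcing the functions, the call would be `audit_swap /proc/swaps /etc/fstab /mnt/encrypted`.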