Auto crypting of swap now possible w/ fstab option in master
Tim Darby
t+dfbsd at timdarby.net
Sun May 24 00:06:11 PDT 2015
On Sat, May 16, 2015 at 2:04 PM, Matthew Dillon <dillon at apollo.backplane.com
> wrote:
> A more sophisticated encrypted swap using LUKS was already available and
> could be set up via the installer, capable of encrypting swap and dumps.
> Manual configuration through luks is a bit messy though.
>
> This feature provides a simpler way to just encrypt swap with a random key
> via /etc/fstab, perhaps as a preface to potentially implementing more
> sophisticated crypto features in /etc/fstab in the future that use dm-crypt
> directly and bypass LUKS.
>
> The master branch now has experimental automatic crypting of swap
> available.
> If using master, simply recompile and reinstall the /usr/src/sbin/swapon
> utility and then specify 'crypt' as a swap option in your /etc/fstab.
> For example:
>
> # Device Mountpoint FStype Options Dump
> Pass#
> /dev/da0s1b none swap sw,crypt,trim 0 0
>
I set this up today and so far it's working great (with swapcache). Will
this eventually work with serno device names?
Tim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20150524/1d8e5817/attachment-0002.html>
More information about the Users
mailing list