cryptoswap
Details
| Size: | 205K |
| Last Update: | 2008-05-22 22:03:46 |
| Version: | 0.0.3 |
| OS Support: | Linux |
| License/Program Type: | GPL (GNU General Public License) |
| Publisher: | Mike Petullo |
| Price: | $0.00 |
Description:
cryptoswap 0.0.3 is monitoring software developed by Mike Petullo.
The cryptoswap package supports building an encrypted swap partition when a system boots. This is necessary on systems that use encrypted filesystems, because plaintext secrets may otherwise be written to disk when memory is swapped out.
The cryptoswap.sh script should be installed in /etc/init.d. During system boot, cryptoswap.sh should execute right before checkroot.sh. When shutting down, cryptoswap should execute after sysklogd.
This package also includes an initialization script for building loopback encrypted /tmp. This may be necessary if a system contains encrypted filesystems but / is not encrypted. A link from directories like /var/tmp to /tmp may be appropriate. There are a few other alternatives for systems such as these:
1. Tmpfs is a Linux kernel feature that allows /tmp to exist in memory. This is a good solution for systems with a lot of memory and/or (encrypted) swap.
2. If you have a system that uses encrypted home directories, per-user temporary directories inside $HOME could be used. This would ensure that each user's data is protected but would require that all applications use $HOME/tmp instead of /tmp.
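A quick audit of the two exposure paths described above (swap and /tmp), as an added example that is not part of the cryptoswap package: it reads data in /proc/swaps and /proc/mounts format and reports swap areas, and a /tmp, that sit on a plain device. Treating /dev/loop*, /dev/mapper/* and /dev/dm-* as possibly encrypted is an assumption of this example (device-mapper goes beyond the loopback setup described here); the function names are hypothetical and the sample data is constructed.

```shell
#!/bin/sh
# Added example: audit for the plaintext-on-disk paths the description names.
# Heuristic only: a loop or device-mapper node is treated as "possibly
# encrypted"; confirm the cipher with losetup or dmsetup on the real system.

# Print every active swap area that is not on a loop/device-mapper node.
# $1: file in /proc/swaps format (defaults to /proc/swaps).
plaintext_swap() {
    awk 'NR > 1 && $1 !~ "^/dev/(loop|mapper/|dm-)" { print $1 }' \
        "${1:-/proc/swaps}"
}

# Classify what backs /tmp: "tmpfs", "loop-or-dm" or "plain:<device>".
# If /tmp is not a separate mount, it lives on the root filesystem.
# $1: file in /proc/mounts format (defaults to /proc/mounts).
tmp_backing() {
    awk '$2 == "/tmp"      { dev = $1; fs = $3; own = 1 }
         $2 == "/" && !own { dev = $1; fs = $3 }
         END {
             if (fs == "tmpfs") print "tmpfs"
             else if (dev ~ "^/dev/(loop|mapper/|dm-)") print "loop-or-dm"
             else print "plain:" dev
         }' "${1:-/proc/mounts}"
}

# Constructed sample data (not taken from a real host): one raw swap
# partition, one loop-backed swap area, and a loop-backed /tmp.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'Filename Type Size Used Priority' \
        '/dev/hda2 partition 524280 0 -1' \
        '/dev/loop1 partition 262136 0 -2' > "$d/swaps"
    printf '%s\n' '/dev/hda1 / ext3 rw 0 0' \
        '/dev/loop2 /tmp ext2 rw 0 0' > "$d/mounts"
    echo "plaintext swap: $(plaintext_swap "$d/swaps")"
    echo "/tmp backing:   $(tmp_backing "$d/mounts")"
    rm -rf "$d"
}
demo
```

Called without an argument, both functions read the live /proc files. A "tmpfs" result still depends on swap being encrypted, since tmpfs pages can be swapped out.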
Finally, the project may be used to create an encrypted root filesystem. Doing so requires two special partitions. First, create a small partition to hold your kernel and initrd image, /dev/hdaX. Second, create a large partition to contain the root of your filesystem, /dev/hdaY.
Next configure and install an initrd-based boot system:
1. Ensure romfs is compiled in your kernel (not a module).
2. Create a kernel-supported filesystem on /dev/hdaX and copy your kernel to /vmlinux.
3. Download busybox and extract it as initrd/busybox.
4. Update initrd/src/etc/modules.initrd to include any modules needed to boot.
5. Build cryptoswap's initrd image (cd initrd && make initrd) and copy it to the filesystem on /dev/hdaX at /initrd.img.gz.
6. Make sure you use literal = "root=/dev/ram0 init=/linuxrc rw" or LILO equivalent.
Finally, create a proper encrypted filesystem on /dev/hdaY:
1. Randomize the partition: dd if=/dev/urandom of=/dev/hdaY.
2. Set up a loopback device: openssl enc -d -aes-256-ecb -in initrd/src/etc/efsk | losetup -p0 -e aes /dev/loop0 /dev/hdaY.
3. Create the root filesystem: mkfs.ext2 /dev/loop0.
4. Mount your new root filesystem: mount /dev/loop0 .
5. Populate your new root filesystem.
What's New in This Release:
Added initrd build environment.
Documentation update.
cryptoswap 0.0.3 supports an English interface language and works with Linux.
Downloading cryptoswap 0.0.3 will take several seconds if you use a fast ADSL connection.