Swap encryption and GnuPG

Robert Connolly robert at linuxfromscratch.org
Thu Feb 24 20:47:10 PST 2005


Sorry for the late reply.

On February 19, 2005 10:29 am, pinotj at club-internet.fr wrote:
> Well, it seems the encrypted swap hint is actually quite complete.
> I checked the source and all the new versions of loop_AES (> 3.0a) use, by
> default, multi-keys encryption. There is no need of special boot scripts
> anymore and GnuPG is not required for this.
>
> Anyway, I did build GnuPG on the HLFS by:
>
>  patch -Np1 -i ../gnupg-1.4.0-loop_AES-3.0b.patch &&
>  sed  -e 's/^CFLAGS .*$/& -pie -fpie/g' \
>   -i `find . -name Makefile.in` &&
>  sed -e 's|/dev/urandom|/dev/frandom|g' -i configure &&
>  ./configure --prefix=/usr --enable-static-rnd=linux \
>   --disable-nls &&
>  make && make install
>
> The question is 'what random device to use' ?
> We can define the NAME_OF_DEV_RANDOM and NAME_OF_DEV_URANDOM
> First, I thought about using frandom instead of urandom to be sure to have
> always enough data but it seems not perfect for crypto and is not
> recommanded. What do you think?

Frandom is tier three, urandom is tier two. Frandom uses a fresh seed, from 
urandom, each time frandom is opened, so I'm not totally against it being 
used for crypto keys, but urandom is more random.. less recycled. Erandom is 
totally unsafe for crypto because it is not seeded each use, its possible if 
someone rooted the box that they could reverse engineer the buffer in erandom 
to figure out all the random data it created previously since it was last 
manually seeded, but its fine for short lived stuff like mktemp.

> Do people think about adding GnuPG in the book?
> If not, I will add all this to the eswap-hint.txt

It should be in (b)hlfs eventually, but not very soon.

> PS: encrypting the /tmp could be really nice too but needs, like root
> encryption, special partitioning before the build. Annoying.
>
> --
> Jerome Pinot
> http://ngc891.blogdns.net/



More information about the hlfs-dev mailing list