Swap encryption and GnuPG
robert at linuxfromscratch.org
Thu Feb 24 20:47:10 PST 2005
Sorry for the late reply.
On February 19, 2005 10:29 am, pinotj at club-internet.fr wrote:
> Well, it seems the encrypted swap hint is actually quite complete.
> I checked the source and all the new versions of loop_AES (> 3.0a) use, by
> default, multi-keys encryption. There is no need of special boot scripts
> anymore and GnuPG is not required for this.
> Anyway, I did build GnuPG on the HLFS by:
> patch -Np1 -i ../gnupg-1.4.0-loop_AES-3.0b.patch &&
> sed -e 's/^CFLAGS .*$/& -pie -fpie/g' \
> -i `find . -name Makefile.in` &&
> sed -e 's|/dev/urandom|/dev/frandom|g' -i configure &&
> ./configure --prefix=/usr --enable-static-rnd=linux \
> --disable-nls &&
> make && make install
> The question is 'what random device to use' ?
> We can define the NAME_OF_DEV_RANDOM and NAME_OF_DEV_URANDOM
> First, I thought about using frandom instead of urandom to be sure to have
> always enough data but it seems not perfect for crypto and is not
> recommended. What do you think?
Frandom is tier three, urandom is tier two. Frandom uses a fresh seed, from
urandom, each time frandom is opened, so I'm not totally against it being
used for crypto keys, but urandom is more random, less recycled. Erandom is
totally unsafe for crypto because it is not seeded each use; it's possible if
someone rooted the box that they could reverse engineer the buffer in erandom
to figure out all the random data it created previously since it was last
manually seeded, but it's fine for short lived stuff like mktemp.
> Do people think about adding GnuPG in the book?
> If not, I will add all this to the eswap-hint.txt
It should be in (b)hlfs eventually, but not very soon.
> PS: encrypting the /tmp could be really nice too but needs, like root
> encryption, special partitioning before the build. Annoying.
> Jerome Pinot
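
Added example, not part of the original post and not the frandom/erandom driver code: a toy Python model of the seeding difference described in the reply above, showing why a generator seeded once leaves earlier key bytes derivable from a captured state while a per-open seed limits the exposure to that one open. The RC4-style generator is a stand-in chosen for illustration, and the class, function names and seed strings are constructed assumptions.

```python
class RC4Stream:
    """Toy RC4-style generator standing in for a kernel random buffer."""

    def __init__(self, seed: bytes):
        self.S = list(range(256))
        j = 0
        for i in range(256):  # key schedule: mix the seed into the state
            j = (j + self.S[i] + seed[i % len(seed)]) % 256
            self.S[i], self.S[j] = self.S[j], self.S[i]
        self.i = self.j = 0

    def read(self, n: int) -> bytes:
        out = bytearray()
        for _ in range(n):
            self.i = (self.i + 1) % 256
            self.j = (self.j + self.S[self.i]) % 256
            self.S[self.i], self.S[self.j] = self.S[self.j], self.S[self.i]
            out.append(self.S[(self.S[self.i] + self.S[self.j]) % 256])
        return bytes(out)


def rewind(gen: RC4Stream, n: int) -> bytes:
    """Recompute the n bytes emitted before the state in `gen` was captured."""
    S, i, j = list(gen.S), gen.i, gen.j
    out = bytearray()
    for _ in range(n):
        out.append(S[(S[i] + S[j]) % 256])  # byte emitted by this step
        S[i], S[j] = S[j], S[i]             # undo the swap
        j = (j - S[i]) % 256                # undo the j update
        i = (i - 1) % 256
    return bytes(reversed(out))


def seeded_once():
    """erandom-like: one seed, so old key bytes stay derivable from state."""
    pool = RC4Stream(b"constructed-boot-seed")
    key = pool.read(16)    # key material drawn early
    pool.read(1000)        # unrelated later reads
    return key, rewind(pool, 1016)[:16]


def seeded_per_open():
    """frandom-like: each open gets its own seed and its own state."""
    key = RC4Stream(b"constructed-seed-open-1").read(16)
    later = RC4Stream(b"constructed-seed-open-2")
    later.read(1000)
    return key, rewind(later, 1000)  # history of the later open only
```

seeded_once() returns the same 16 bytes twice, while the history returned by seeded_per_open() covers only the later open and does not contain the earlier key.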