Linux SoftwareSystemMonitoringcryptoswap 0.0.3

cryptoswap 0.0.3


The cryptoswap package supports building an encrypted swap partition when a system boots
Developer:   Mike Petullo
      more software by author →
Price:  0.00
License:   GPL (GNU General Public License)
File size:   205K
Language:   
OS:   
Rating:   0 /5 (0 votes)
Your vote:  
enlarge screenshot


The cryptoswap package supports building an encrypted swap partition when a system boots. This must be necessary on systems that use encrypted filesystems because plaintext secrets may be written to disk when memory is swapped to disk.

Cryptoswap.sh should be installed in /etc/init.d. During system boot, cryptoswap.sh should execute right before checkroot.sh. When shutting down, cryptoswap should execute after sysklogd.

This package also includes an initialization script for building loopback encrypted /tmp. This may be necessary if a system contains encrypted filesystems but / is not encrypted. A link from directories like /var/tmp to /tmp may be appropriate. There are a few other alternatives for systems such as these:

1. Tmpfs is a Linux kernel feature that allows /tmp to exist in memory. This is a good solution for systems with a lot of memory and/or (encrypted) swap.
2. If you have a system that uses encrypted home directories, per-user temporary directories inside $HOME could be used. This would ensure that user's data is protected but would require that all applications use $HOME/tmp instead of /tmp.

Finally, the project may be used to create an encrypted root filesystem. Doing so requires two special partitions. First, create a small partition to hold your kernel and initrd image, /dev/hdaX. Second create a large partition to contain the root of your filesystem, /dev/hdaY.

Next configure and install an initrd-based boot system:

1. Ensure romfs is compiled in your kernel (not a module).
2. Create a kernel-supported filesystem on /dev/hdaX and copy your kernel to /vmlinux.
3. Download busybox and extract it as initrd/busybox.
4. Update initrd/src/etc/modules.initrd to include any modules needed to boot.
5. Build cryptoswap's initrd image (cd initrd && make initrd) and copy it to the filesystem on /dev/hdaX at /initrd.img.gz.
6. Make sure you use literal = "root=/dev/ram0 init=/linuxrc rw" or LILO equivalent.

Finally, create a proper encrypted filesystem on /dev/hdaY:

1. Randomize the partition: dd if=/dev/urandom of=/dev/hdaY.
2. Set up a loopback device: openssl enc -d -aes-256-ecb -in initrd/src/etc/efsk | losetup -p0 -e aes /dev/loop0 /dev/hdaY.
3. Create the root filesystem: mkfs.ext2 /dev/loop0.
4. Mount your new root filesystem: mount /dev/loop0 .
5. Populate your new root filesystem.

What's New in This Release:
  • Added initrd build environment.
  • Documentation update.
    tags dev hday  root filesystem  your kernel  dev loop0  dev hdax  src etc  encrypted filesystems  your new  new root  initrd src  and copy  initrd image  encrypted swap  

    Download cryptoswap 0.0.3


     http://www.flyn.org/projects/cryptoswap/cryptoswap-0.0.3-1.src.rpm
     http://www.flyn.org/projects/cryptoswap/cryptoswap-0.0.3.tar.gz


    Authors software

    cryptoswap 0.0.3 (by Mike Petullo)
    The cryptoswap package supports building an encrypted swap partition when a system boots


    Similar software

    cryptoswap 0.0.3 (by Mike Petullo)
    The cryptoswap package supports building an encrypted swap partition when a system boots

    BootRoot 0.4 (by Jonathan Rosenbaum)
    BootRoot creates a boot disk with lilo, a kernel and an initrd image

    cryptmount 1.2 (by RW Penney)

    Microdrive 0.2 (by Sreekant Kodela)
    Microdrive is basically a set of scripts which you can use to make your own live linux cd.

    It depends on busybox, isolinux and lin

    pam_mount module 0.18 (by Jan Engelhardt)
    pam_mount is a Pluggable Authentication Module that can mount volumes for a user session.

    This module is aimed at environments wit

    e2fsimage 0.2.0 (by Christian)
    e2fsimage allows you to create ext2 filesystem images, mostly used on Linux systems, by copying an entire directory structure into an

    EncFS 1.3.0 (by Valient Gough)
    EncFS provides an encrypted filesystem in user-space

    Finnix 88.0 (by Finnix Team)
    Finnix is a self-contained, bootable Linux CD distribution ("LiveCD") for system administrators, based on Debian testing "etch".

    Y

    Alphalinux 0.3.1 (by Alphalinux Team)
    Alfalinux is a minidistribuition on two floppy disks much different from other similar products: that is no non-standard/reduced or r

    TCCBOOT 0.1 (by Fabrice Bellard)
    TCCBOOT project is a boot loader able to compile and boot a Linux kernel directly from its source code.

    TCCBOOT is only 138 KB big


    Other software in this category

    GKrellM 2.2.10 (by Bill Wilson)
    GKrellM application is a GTK-based stacked monitor program that charts SMP CPUs, disks,

    lm_sensors 2.10.1 (by Mark S.)

    Loggerithim 7.0.1 (by gphat)
    Loggerithim is an extensible monitoring and remote management package

    SmokePing 2.0.9 (by Tobias Oetiker)
    SmokePing is a delux latency measurement tool

    Pipe Viewer 0.9.6 (by Andrew Wood)

    •     search


    Featured Software

    jEdit 4.3 pre8
    jEdit is an Open Source text editor written in Java

    Opera 9.02
    Surf the Internet in a safer, faster, and easier way with Opera browser

    GNU Aspell 0.60.4
    GNU Aspell is a Free and Open Source spell checker designed to eventually replace Ispell


    Subscribe in Rojo
    Google Reader
    Add to My Yahoo!

    Add to My AOL
    Subscribe with Bloglines
    Subscribe in NewsGator Online
    Add 'nixbit linux software' to Newsburst from CNET News.com
    del.icio.us nixbit linux software


    Top tags