1 Aug
2023
1 Aug
'23
23:20
Am 31.07.23 um 03:39 schrieb Lew Wolfgang:
I wonder if swap and /tmp could be encrypted this way too, it might be fun to fiddle with it someday?
If you don't use hibernation, you can encrypt swap with a fresh random key on every boot. In /etc/crypttab you might have encrypted_swap /dev/<swap-device> /dev/urandom swap and in /etc/fstab: /dev/mapper/encrypted_swap swap swap defaults 0 0 While /tmp can simply be tmpfs, /var/tmp is tricky, or generally /var. (There is probably more interesting data in /var/log, especially the journal.) Best regards, Aaron