[nycbug-talk] encrypted swap roundup

Isaac Levy ike
Fri Jul 1 14:20:00 EDT 2005


Hi All,

So after installing OSX 10.4 (Tiger) this week, it seems one of the  
host of goodies is now encrypted swap as an option:

http://www.macosxhints.com/article.php?story=20050509170728423
Seems to be implemented in almost exactly the same way OpenBSD  
encrypted swap is (except apple gives you a GUI checkbox in System  
Prefs to "Use secure virtual memory",

On OpenBSD:

Edit /etc/sysctl.conf
change:

#vm.swapencrypt.enable=1
to:
vm.swapencrypt.enable=1

This facility has been available in OpenBSD for a very long time.

--
On FreeBSD, one can encrypt swap using GBDE, Geom Based Disk Encryption,

http://www.freebsd.org/cgi/man.cgi? 
query=gbde&apropos=0&sektion=0&manpath=FreeBSD+5.4-RELEASE+and 
+Ports&format=html
-or-
http://tinyurl.com/7a76m

http://segment7.net/projects/FreeBSD/encrypted_swap.txt

--
On NetBSD, CGD, CryptoGraphic Disk, can be used to encrypt the swap  
volume:

http://nycbug.org/index.php?NAV=Home&SUBM=20

http://mail-index.netbsd.org/tech-security/2003/04/17/0000.html

--
Anyhow, the Darwin/OSX crypto got me initially exited, hope this post  
is useful to someone.

Rocket-
.ike






More information about the talk mailing list