Results 1 to 6 of 6

Thread: directory that stores only in RAM (for decrypting to)

  1. #1

    Default directory that stores only in RAM (for decrypting to)

    Sorry if this is the incorrect forum category, but I don't know where else it might go.

    I don't encrypt entire partitions, but I do encrypt certain important individual files, so that I have several .gpg files here and there. When decrypting these .gpg files, I would prefer to not decrypt them to my hard drive. Rather, I want to only store the decrypted files in RAM. Accordingly, I'm looking for a directory that only stores in RAM.

    What I've come up with so far is:

    /dev/shm and /run/tmpfiles.d

    However, I can't really be sure that those directories are really RAM, as, for one thing, their size is recorded to be 4 gigs, whereas I have 8 gigs of RAM. Also, I tried putting a large file in those directories (a disc image), but after doing that, I checked a RAM meter and it did not show the appropriate increase in usage. So those two things make me think that those directories are NOT RAM. On the other hand, what does suggest that those directories are RAM is that storing files in them does not survive a reboot.

    So... are those directories actually RAM? If not, how can I write to RAM?

  2. #2

    Default Re: directory that stores only in RAM (for decrypting to)

    On 03/04/2014 05:16 AM, rybnik wrote:
    >
    > Sorry if this is the incorrect forum category, but I don't know where
    > else it might go.
    >
    > I don't encrypt entire partitions, but I do encrypt certain important
    > individual files, so that I have several .gpg files here and there.
    > When decrypting these .gpg files, I would prefer to not decrypt them to
    > my hard drive. Rather, I want to only store the decrypted files in RAM.
    > Accordingly, I'm looking for a directory that only stores in RAM.


    Out of curiosity, why not just use full disk encryption? Super easy to
    setup, and it makes all of this much easier. Just a thought...

    > What I've come up with so far is:
    >
    > /dev/shm and /run/tmpfiles.d


    /dev/shm is what I use, yes.

    > However, I can't really be sure that those directories are really RAM,
    > as, for one thing, their size is recorded to be 4 gigs, whereas I have 8
    > gigs of RAM. Also, I tried putting a large file in those directories (a
    > disc image), but after doing that, I checked a RAM meter and it did not
    > show the appropriate increase in usage. So those two things make me
    > think that those directories are NOT RAM. On the other hand, what does
    > suggest that those directories are RAM is that storing files in them
    > does not survive a reboot.
    >
    > So... are those directories actually RAM? If not, how can I write to
    > RAM?


    RAM? Usually. Always? I'm not sure on that. The fact that the size is
    less than your total RAM is a good indicator that it's actually RAM and
    not just generally virtual memory; however, I believe /dev/shm and
    anything else from 'tmpfs' should actually be considered "virtual memory",
    meaning it is RAM whenever possible but could also be sent to swap (files
    or partition) which may or may not be encrypted on your system (see my
    note about full disk encryption again). If you have no swap (like my
    laptop here) then there is no reason to think that any swapping will
    happen to disk and you're safe; if you do have swap, encrypt it, or be
    sure to make sure you do not put enough in /dev/shm to use it, or be sure
    to somehow clean it up before you lose control of your disks.

    --
    Good luck.

    If you find this post helpful and are logged into the web interface,
    show your appreciation and click on the star below...

  3. #3
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    15,684
    Blog Entries
    3

    Default Re: directory that stores only in RAM (for decrypting to)

    Quote Originally Posted by rybnik View Post
    I don't encrypt entire partitions, but I do encrypt certain important individual files, so that I have several .gpg files here and there.
    On some of my systems, I mount "/tmp" as "tmpfs". I do that with an entry in "/etc/fstab"
    Code:
    none   /tmp    tmpfs   defaults        0 0
    though you can probably use "tmpfs" in place of that "none".

    It defaults to half of RAM size (your 4G). As far as I know, there is no guarantee that it won't be partly in swap. I recommend that you encrypt swap.

    If you don't hibernate, then you can randomly encrypt swap. That way, you don't have to enter a key on boot. (If you want details, ask).
    openSUSE Leap 15.3; KDE Plasma 5.18.6;

  4. #4

    Default Re: directory that stores only in RAM (for decrypting to)

    Thank you, both.

    Quote Originally Posted by ab
    Out of curiosity, why not just use full disk encryption? Super easy to
    setup, and it makes all of this much easier. Just a thought...


    Noted. But doesn't that adversely affect read/write speeds? My hard drive is only 5400rpm.

    Quote Originally Posted by ab
    RAM? Usually. Always? I'm not sure on that. The fact that the size is
    less than your total RAM is a good indicator that it's actually RAM and
    not just generally virtual memory; however, I believe /dev/shm and
    anything else from 'tmpfs' should actually be considered "virtual memory",
    meaning it is RAM whenever possible but could also be sent to swap
    I see. The files I encrypt are small text files (bank info, etc.) , so from that, I think it's safe to say that they get put into RAM.

    Quote Originally Posted by nrickert
    It defaults to half of RAM size (your 4G).
    Aha.

  5. #5
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    15,684
    Blog Entries
    3

    Default Re: directory that stores only in RAM (for decrypting to)

    Quote Originally Posted by rybnik View Post
    Noted. But doesn't that adversely affect read/write speeds? My hard drive is only 5400rpm.
    Disk speed should not be relevant here. There is no addition disk activity with an encrypted partition. The additional cost is CPU cycles to do the encryption/decryption.

    I'm using crypto (actually, an encrypted LVM) on several systems. Even on a older slowish 32-bit system, the cost of the crypto is small enough that I do not notice it.
    openSUSE Leap 15.3; KDE Plasma 5.18.6;

  6. #6
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: directory that stores only in RAM (for decrypting to)

    On 2014-03-04 18:06, rybnik wrote:
    >
    > Thank you, both.
    >
    > ab Wrote:
    >> Out of curiosity, why not just use full disk encryption? Super easy to
    >> setup, and it makes all of this much easier. Just a
    >> thought...

    >
    > Noted. But doesn't that adversely affect read/write speeds? My hard
    > drive is only 5400rpm.


    No.

    Actually, the faster the hard disk is, the more the delay due to
    encryption would be noticed.

    The delay is CPU and memory bound. If they are reasonably fast, they
    have the data ready for the disk faster than the disk can write it.


    --
    Cheers / Saludos,

    Carlos E. R.
    (from 13.1 x86_64 "Bottle" at Telcontar)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •