I found that the command to erase swap at shutdown is supposed to look something like this: “dd if=/dev/zero of=/swap bs=1G count=1” I do not know where this command should be inserted and is it safe.
“bs=1GB count=1” what happens if I give too large value for the partition?
Must the swap first be disabled/unmounted first somehow?
Is “/swap” is correct? How do I know what path to insert there to refer to the swap?
What files to edit and how does the complete swap erase script look like?
On 2012-03-09 11:36, samuelktr wrote:
>
> I found that the command to erase swap at shutdown is supposed to look
> something like this: “dd if=/dev/zero of=/swap bs=1G count=1” I do not
> know where this command should be inserted and is it safe.
Not safe, as the system will not find a swap on next boot. You have also to
recreate swap. You also have to disable swap before deleting it. As for
where… investigate the shutdown scripts.
> 1) “bs=1GB count=1” what happens if I give too large value for the
> partition?
You destroy the next partition >:-)
(there is an error in that statement I leave for the student)
> 2) Must the swap first be disabled/unmounted first somehow?
Yes indeed.
> 3) Is “/swap” is correct? How do I know what path to insert there to
> refer to the swap?
There is no path for swap. You have to point to the device holding it and
make no mistakes.
> 4) What files to edit and how does the complete swap erase script look
> like?
You will have to investigate terra ignota.
–
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)
I do not know where you found it, but it seems nonsense to me. There is (normaly) not such a directory as /swap (and when there is, it is certainly not the same as the Swap partition). Well to go for your point one by one:
As you the command does not mention a partition, the answer here is “not applicable”. But in general when you dd “to much” this will not “spill over a the end of the thing you write to” (as you seem to be afraid) for the same reason as nothing can write onto space not belonging to it. Also, when you do not mention the count=, it will simply do the whole file, thus why bothering? And leave also out the bs=, just let it go. Did you read the man dd ?
Of course you must not overwrite active swap space with zeros (or other data at random).
As said, no. Swap can be on partitions or on files. Mostly one has a (one) partition for swap. You have to find out which partition that is (something like /dev/sda1) and you can find this in your* /etc/fstab*, but do not take the wrong one or you will destroy some other partition beyond recocnition.
When your intention is to have a Swap that can not be interpreted by other people when they get hold of your switched off system (after theft or so), better use an encrypted Swap. But as you do not explain why you want to do what you want to do, I can only guess here.
That gives you better privacy that erasing swap, and is automatically supported by the system.
For an existing system, the easy way to setup is:
swapofff -a ## run as root - this disable existing swap. Comment out the swap line in “/etc/fstab”
Then use the Yast partitioner to configure that swap partition as encrypted swap. Tell the Yast partition to format the partition. When prompted for a key, leave that blank. If you have enough memory to be able to run a desktop session without swap, you can just run yast from within KDE or Gnome. Otherwise, you might have to logout and go to the curses version of yast from a command prompt (I haven’t tried that)
Starting with the next boot, the system should use encrypted swap. The encryption should be with a random key, and the crypto setup will make swap after configuring the crypto on each boot.
Thank you for the help. I may try encrypting the swap with Yast then. I would prefer to overwrite swap at shutdown since encryption is overkill and waste of cpu, but I understand that you are telling me this is not practically possible to do.
Why do I need to comment out the swap at fstab? Will Yast add it there again?
For clarity I just repeat the instructions nrickert gave:
I would prefer to overwrite swap at shutdown since encryption is overkill and waste of cpu, but I understand that you are telling me this is not practically possible to do.
We are in fact discussing different things here.
One is: you ask how to write zero bytes to your Swap at shutdown. That is something pure technical that we may be able solve for you. But as we are more or less intelligent Unix/Linux users in our personal background we ask ourselves: “Why in Linus Torvalds name does he want to do a thing like that”? And you still did not answer that one.
Two is that some of us assume (though we do not realy know until you confirm this), that you want to take a security action preventing your disk swap space to be interpretable by strangers. Now the accepted solution for that is: encryption. But when you thought it all over and came to the conclusion that all those people, who contemplated on this and advise to do that encryption, are wrong and you have (in your situation) a better solution, that is OK. But be aware that then we can only answer technicaly on the question as mentioned above (under One) and thus can not guarantee that it is save to do so. Nor has anyone tested if an eventual technical solution realy is as secure as you think it is.
(As something I have thought of and you must have mastered then with your own solution, what when the system stops on a power failure without a proper shutdown. Is it secure then?)
Yes, it will be added again. But it will be a different entry. Instead of, say, “/dev/sda6” it would be something like “/dev/mapper/cr_6” which is the virtual device to access encrypted space.
Your list is fine.
Henk raises good points. We are somewhat guessing what you have in mind. And Malcolm brings up another good point. If you are not using much swap, then the encryption cost will be small. You only pay for what you use.
I am not noticing the encryption cost here, so it is probably minor anyway.
An issue with zeroing swap, I guess, would be if you want to suspend to disk, as your RAM is copied to swap. If the swap-erase shutdown script is not run when you suspend to disk, then your swap would still be there and unencrypted, which may not fit your security/paranoia needs
On 2012-03-10 00:16, brunomcl wrote:
>
> An issue with zeroing swap, I guess, would be if you want to suspend to
> disk, as your RAM is copied to swap. If the swap-erase shutdown script
> is not run when you suspend to disk, then your swap would still be there
> and unencrypted, which may not fit your security/paranoia needs
Absolutely, that’s correct.
It all depends on how big the paranoia or the needs for security. And, if
you have reasons to encrypt swap, you also have them to encrypt the rest:
/tmp, /home…
–
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)