On Wed, Jan 18, 2017 at 03:38:57AM -0800, Chris Marusich wrote: > Chris Marusich writes: > > As a bonus, I realized that one could use this feature to encrypt swap, > also. You can encrypt your swap area by using a swap file in the root > file system. Specifically, if you do something like this... > > # Make the file readable/writable only by root. > sudo dd if=/dev/zero of=/swapfile bs=1MiB count=10240 > sudo chmod 600 /swapfile > sudo mkswap --label swap /swapfile > > and then you add a single line to your operating system configuration > file like this... > > (swap-devices '("/swapfile")) > > then your swap file will be automatically mounted during boot. You > don't even have to enter your LUKS passphrase an additional time. I was > pleasantly surprised to find out that encrypted swap was this easy! > This seems like something that would be nice to add to the manual :) -- Efraim Flashner אפרים פלשנר GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted