Newbie Q: decryption
Robert J. Hansen
rjh at sixdemonbag.org
Tue Feb 27 06:13:18 CET 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
> Having GnuPG use swap partitions/files is a risky business.
As a general principle, I'm unconvinced of the truth of this as a
general statement.
It's risky within certain security models. Let's not go about saying
it's universally risky. Let's also not recommend encrypting swap
space _a priori_ without also warning people of the (massive)
performance penalty that can result from encrypted swap. I recall
seeing some numbers from OpenBSD that indicated encrypted swap
resulted in a 33% slowdown for swap access compared to unencrypted
swap. This could be related to OpenBSD internals or it could be
indicative of a deeper problem with encrypted swap. Either way, the
potential downsides of encrypted swap should be considered before
anyone decides to undertake this.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (Darwin)
iQEcBAEBCAAGBQJF473vAAoJELcA9IL+r4EJrHgH/2azJYCxZXWYd53Ir6f7AwSe
X3XmXaX4w3lSD9JbaF7xPlTSlLZThuyfEC59hOKUWiPAd9QcJwkySOx0/rrwVZRp
sAArZgGaTbvInn7R7xKWSUrztXJtM/fNRuP3UOCg7hvNtdVe2E7Oe2Q60fl753Om
p6vk3H93dwyIG2tbJqnJUAXyBhx/Mm5ULct4F99zXHdtgWpvIaylkR0CNvAiLUfM
bm/8zk1uXY+4dAJONUB7uQITMynpbwCEGan9ej8JsQMt5Bv1rDZLW5fc7ra+MLG+
UMEDdFTa7KoRU1c3ljM+dwuzub9+CFoeevsDIUEJ5wn1no2ou/HFuWk4aW44Zto=
=kZwk
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list