On Fri, Jul 17, 2020 at 02:25:22PM -0400, rhkramer@gmail.com wrote:
On Friday, July 17, 2020 12:09:05 PM David Wright wrote:
On Fri 17 Jul 2020 at 13:22:12 (+0200), Nicolas George wrote:
rhkramer@gmail.com (12020-07-17): […]
Among other things, should I be worried that it won't disappear on power loss / reboot?
Depends on what kind of disappear you want. If all you want is not to have to worry about cleaning up, then you are good with tmpfs.
If you are worried that sensitive data may end up on disk, then encrypt your swap with an ephemeral key.
In the absence of encryption, bear in mind that cleaning up only takes place while the system boots up. Until then, everything remains on the disk and can be examined merely by booting from, say, a USB stick instead.
Just to make sure I understand, you're talking about clean up of swap on an HDD partition, right?
As far as the tmpfs stuff in RAM, it basically disappears when the power decays (after a not too long delay) and barring some kind of NSA techniques to capture it?
(But, I guess I should think about encrypting swap :-(
PC snow-nerf: "You don't need encrytion if you've got nothing to hide, and unless you're visiting friends during the lock down which you must not do because it's like totally illegal, you've got nothing to hide." Alpha nagger: "I don't have to be doing anything wrong, to want my privacy!" (Hush now, you're only s'posed to talk about human rights, not actually live them .. right?) If you're current RAM+swap is say 8GiB+8GiB, one alternative is to consider upgrading RAM to 16GiB and ditching swap entirely. That could save your lazy butt from having to learn how to encrypt swap - and just so you know I do in fact want you to feel good about your choice, it will also mean a faster overall user experience ;D