Archive-Team
/
zfs
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 103 Wiki Activity

Ubuntu: Reduce the encrypted swap key size 

eCryptfs uses AES-128.  There is little point in using AES-256 for the
swap.
Richard Laager 2016-08-15 04:17:39 -05:00
parent c1c05d4cb4
commit f5bc7017e4
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Ubuntu-16.04-Root-on-ZFS.md

@ -351,7 +351,7 @@ Choose one of the following options. If you are going to do an encrypted home d
7.2b Create an encrypted swap device: 7.2b Create an encrypted swap device:
# echo cryptswap1 /dev/zvol/rpool/swap /dev/urandom \ # echo cryptswap1 /dev/zvol/rpool/swap /dev/urandom \
swap,cipher=aes-xts-plain64:sha256,size=512 >> /etc/crypttab swap,cipher=aes-xts-plain64:sha256,size=256 >> /etc/crypttab
# systemctl daemon-reload # systemctl daemon-reload
# systemctl start systemd-cryptsetup@cryptswap1.service # systemctl start systemd-cryptsetup@cryptswap1.service
# echo /dev/mapper/cryptswap1 none swap defaults 0 0 >> /etc/fstab # echo /dev/mapper/cryptswap1 none swap defaults 0 0 >> /etc/fstab

2
Ubuntu-16.10-Root-on-ZFS.md

@ -353,7 +353,7 @@ Choose one of the following options. If you are going to do an encrypted home d
7.2b Create an encrypted swap device: 7.2b Create an encrypted swap device:
# echo cryptswap1 /dev/zvol/rpool/swap /dev/urandom \ # echo cryptswap1 /dev/zvol/rpool/swap /dev/urandom \
swap,cipher=aes-xts-plain64:sha256,size=512 >> /etc/crypttab swap,cipher=aes-xts-plain64:sha256,size=256 >> /etc/crypttab
# systemctl daemon-reload # systemctl daemon-reload
# systemctl start systemd-cryptsetup@cryptswap1.service # systemctl start systemd-cryptsetup@cryptswap1.service
# echo /dev/mapper/cryptswap1 none swap defaults 0 0 >> /etc/fstab # echo /dev/mapper/cryptswap1 none swap defaults 0 0 >> /etc/fstab