t1...@protonmail.ch (Tinker), 2018.02.22 (Thu) 06:04 (CET):
> (Marcus, you meant only this 2015-05 thread right?
> https://marc.info/?t=143181498300001 )
yes, I messed the links up! Thanks for the correction.
> I think I like to keep dumps enabled also on a production machine. Even
> if it's incredibly rare, it is possible for a production machine to
> crash, and the dump could be instructive.
>
> (For a production machine with dumps disabled, indeed the default swap
> crypto is sufficient, and indeed using swap in softraid is
> cryptographically redundant.)
>
> I realize the thread subject is not optimal ("SWAP should always be
> inside crypto softRAID, right? (For OS crash dump data to be
> encrypted.)".
>
> Here is the updated subject and query:
>
> "If I want to have crash dumps enabled, while enjoying the crypto
> softraid's physical data theft protection for all data, THEN my SWAP
> partition(s) should be inside the softraid, right?".
>From the thread you cited above...
https://marc.info/?l=openbsd-misc&m=143185991125110&w=2
stsp@:
Keeping swap on the same disk as the root filesystem has some
advantages. For historical reasons the system expects this in various
places. More things (such as hibernate) will work out of the box this
way.
So if you have Full Disk Encryption (FDE) then your swap device should
be inside the encrypted disk, yes.
And, keep swap encryption *on*, although it's on a softraid(4) encrypted
device, according to tedu@:
https://marc.info/?l=openbsd-misc&m=143206067713324&w=2
[...] to the contrary, uvm swap encrypt does a better job of expiring
keys and making old data unrecoverable.
Yet another point: consider abandoning suspend/hibernation with FDE!
Marcus
> On February 9, 2018 6:07 PM, Marcus MERIGHI <mcmer-open...@tor.at> wrote:
> ..
> > there's a 2016-11 thread that's related:
> > "swap on encrypted softraid, performance penalty"
> >
> > stsp@
> > https://marc.info/?l=openbsd-misc&m=143184355522545
> > tedu@
> > https://marc.info/?l=openbsd-misc&m=143206067713324
>
> On February 9, 2018 6:55 AM, Tom Smyth <tom.sm...@wirelessconnect.eu> wrote:
> >Thanks kevin i missed the dump part... agree with disable dump on prod
> > ..enable on dev
>
> On February 9, 2018 6:49 AM, Kevin Chadwick <m8il1i...@gmail.com> wrote:
> >On Thu, 8 Feb 2018 19:39:39 +0000
> >>Afaik swap is encrypted anyway on OpenBSD
> >>
> > It is with a random key which is actually more secure than the softraid
> > key.
> >
> > However to the OPS question relating to dumps.
> >
> > I believe the answer is that dumps are helpful and OpenBSD is a
> > developer system primarily but you should disable them with sysctl for
> > production or if you have concerns.
>
> On February 9, 2018 3:39 AM, Tom Smyth <tom.sm...@wirelessconnect.eu> wrote:
> > Afaik swap is encrypted anyway on OpenBSD
>
> On February 9, 2018 3:30 AM, trondd <tro...@kagu-tsuchi.com> wrote:
> ..
> > Assuming you are doing full disk encryption otherwise, put swap inside the
> > softraid disk. The kernel is hardcoded to look on the boot disk to save
> > dumps. If swap was is on sd0 but you decrypt a partition as sd1 and boot
> > from that, swap is no longer on the same disk.
> >
> > Unless you override with config(8)
> >
> > Tim.
>
