2008-11-05

Encrypting your SWAP partition

Today I started playing with file system encryption. Almost everyone is aware of the necessity of encrypting their data partitions. But there are some simple side channel attacks that get around this security feature.

Many applications write temporary data into the /tmp directory, so there is a high chance that an attacker can find secret information simply by looking into /tmp. Another possibility is grepping the swap partition for secret information (maybe by using a Linux live CD; otherwise the data would be overwritten during the boot sequence).

I will show how simple it is to fend off such a side channel attack on the swap partition. Maybe I will write a post about encryption of data and /tmp partitions in the future, but at the moment my solution isn't as perfect as it should be and it still needs to be optimized.

Now, let's start encrypting the swap partition. We assume that your swap partition is /dev/sda3. Adjust this to your system's configuration, otherwise you can lose data.

First, you have to install the necessary deb package:

apt-get install cryptsetup

Next, add the following line to the file /etc/crypttab:

cryptoswap /dev/sda3 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=128,hash=ripemd160

Now remove the old entry for the swap partition from /etc/fstab and insert the following:

/dev/mapper/cryptoswap none swap sw 0 0

That's all. Now reboot your system; from then on your swap partition should be encrypted.
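
A check for the two files edited above, as an added example that is not part of the original post: it reports any swap entry in fstab that is not backed by a crypttab mapping with a random key and the swap option. The function name check_swap_encrypted and its output labels are made up for this example, and the sample files at the end are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): audit swap entries.
# Usage: check_swap_encrypted [FSTAB] [CRYPTTAB]
# Returns 0 only if every swap entry in FSTAB is a /dev/mapper device whose
# CRYPTTAB line uses a random key source and carries the "swap" option.
check_swap_encrypted() {
    fstab=${1:-/etc/fstab}
    crypttab=${2:-/etc/crypttab}
    rc=0
    # fstab fields: device, mount point, type, options, dump, pass
    while read -r dev _mnt type _rest; do
        case $dev in ''|\#*) continue ;; esac
        [ "$type" = swap ] || continue
        case $dev in
            /dev/mapper/*) name=${dev#/dev/mapper/} ;;
            # Not a device-mapper target, so treated as unencrypted swap.
            *) echo "PLAINTEXT $dev"; rc=1; continue ;;
        esac
        # crypttab fields: name, source device, key file, options
        line=$(awk -v n="$name" '$1 == n { print $3, $4; exit }' "$crypttab")
        if [ -z "$line" ]; then
            echo "NO-CRYPTTAB-ENTRY $dev"; rc=1; continue
        fi
        key=${line%% *}
        opts=${line#* }
        case $key in
            /dev/urandom|/dev/random) ;;
            *) echo "STATIC-KEY $dev"; rc=1; continue ;;
        esac
        case ",$opts," in
            *,swap,*) echo "OK $dev" ;;
            *) echo "NO-SWAP-OPTION $dev"; rc=1 ;;
        esac
    done < "$fstab"
    return $rc
}

# Constructed sample input: the post's crypttab line plus an fstab that still
# contains the old plaintext swap entry next to the new one.
demo_dir=$(mktemp -d)
cat > "$demo_dir/crypttab" <<'EOF'
cryptoswap /dev/sda3 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=128,hash=ripemd160
EOF
cat > "$demo_dir/fstab" <<'EOF'
/dev/sda3 none swap sw 0 0
/dev/mapper/cryptoswap none swap sw 0 0
EOF
check_swap_encrypted "$demo_dir/fstab" "$demo_dir/crypttab" || echo "swap is not fully encrypted"
rm -rf "$demo_dir"
```

Called without arguments, the function reads /etc/fstab and /etc/crypttab. It only inspects the configuration files, not the running system.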