LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (http://www.linuxquestions.org/questions/linux-general-1/)
-   -   Is it possible to use two swap partitions for multiple uses? (http://www.linuxquestions.org/questions/linux-general-1/is-it-possible-to-use-two-swap-partitions-for-multiple-uses-901125/)

texasone 09-04-2011 08:12 PM

Is it possible to use two swap partitions for multiple uses?
 
I want to add some security to my computer. And one thing that I want to do is have a random-key encrypted swap part. However, since I am currently working on a laptop, suspend-to-disk is very helpful. So I was wondering if it was possible to set up 2 partitions, one with random key encryption for normal swap functions and a second (either encrypted or plain text) to be used only for suspend to disk functions?
If this is possible, does anyone know how to set it up?
(Sorry if this is already out there. I could only find how to set up priority for normal swap use and not so that one partition is only used for one function.)

Thanks in advance,
RzITex

jefro 09-04-2011 10:35 PM

Some distro's can encrypt a swap. Why don't you just get rid of it? You might be able to use a swap file instead and it would be encrypted with the filesystem.

texasone 09-04-2011 11:32 PM

jefro, encrypting isn't the problem. I always use random key encrypted swap partitions, I was wondering if I could have a second swap that would be used for hibernate only that wasn't encrypted.

SalmonEater 09-05-2011 12:18 AM

I don't know how one could be earmarked for a particular usage, but I've used more than one at once.

+1 jefro => why? Just curious?

texasone 09-05-2011 04:16 AM

Mostly since I always encrypt my swap file with a random key due to some stuff I'm working on. I don't like having my stuff being able to to be read by someone at my computer besides me. A lot of the white hat stuff I'm working on could be taken the wrong way if it was found. However, I wanted the ability to suspend to hard disk sometime, I don't really do so, but I was curious if it was possible to set it up as such so I could have the best of both worlds.

taylorkh 09-05-2011 11:18 AM

When you suspend to your non-encrypted partition (provided you figure out how) would that not expose what you were working on? And even more vulnerable than normal swap as you will be dumping EVERYTHING currently in memory, not just what might overflow during normal usage.

Ken

DavidMcCann 09-05-2011 12:00 PM

Debian has a program (called hibernate!) for controlling hibernation. Try searching the web for "Debian hibernate" for various solutions.

texasone 09-05-2011 02:36 PM

Quote:

Originally Posted by taylorkh (Post 4462104)
When you suspend to your non-encrypted partition (provided you figure out how) would that not expose what you were working on? And even more vulnerable than normal swap as you will be dumping EVERYTHING currently in memory, not just what might overflow during normal usage.

Ken

While very true, the only time that I would use hibernate would be when I have a class that ends when dinner begins. That way I don't have to just use suspend which doesn't play well with my book bag (which is made out of duct tape).

Quote:

Originally Posted by DavidMcCann (Post 4462131)
Debian has a program (called hibernate!) for controlling hibernation. Try searching the web for "Debian hibernate" for various solutions.

I shall have to take a look at that. Thank you

jefro 09-05-2011 04:21 PM

Guess you could make a script to un-swap and re-swap before you hibernate.

BlackRider 09-07-2011 06:32 AM

I am not sure if I understand this.

If you need swap storage so you can load tons of memory to the disk under heavy load, and also to hibernate, you can just place a very big swap partition. With a swap of 150% the size of your RAM, you ensure that you can hibernate your laptop even when it is under heavy memory (>100%) consumption.

Now, if the laptop is dual-user, you can create two swap partitions and encrypt each of them with a different password, while encrypting the rest of the system with two passwords (LUKS volumes support multiple key slots, so they can be accessed by more than one password). Then, you could create two initrams, one pointing to one of the swap partitions and the other pointing to the second. Then, you should add entries to the boot loader so each initram is launchable, and tweak your boot scripts so the system is able to decide which swap to mount.

This way, you have a independent swap space for each user. User One knows a password, while user Two knows other password. They both can boot the system, but cannot launch the swap owned by the other user. This, however, is not a very good idea, because user One could hibernate to swap one, but user Two could turn the computer on later, make important modifications to the system and then turn ofF. When user One tried to resume his hibernation, he could face some errors.


All times are GMT -5. The time now is 09:30 AM.