diff options
author | edef <edef@edef.eu> | 2017-07-05 14:21:49 +0200 |
---|---|---|
committer | Franz Pletz <fpletz@fnordicwalking.de> | 2017-07-26 08:45:50 +0200 |
commit | 10c6df2e3c2b9d208071447bcd76e4e28e4e12dc (patch) | |
tree | 7ac5f86267567276dbb2c7a4a87f547249fb3bef | |
parent | 4244a16917ea3392b9360e57292e1fab603ed5ef (diff) | |
download | nixlib-10c6df2e3c2b9d208071447bcd76e4e28e4e12dc.tar nixlib-10c6df2e3c2b9d208071447bcd76e4e28e4e12dc.tar.gz nixlib-10c6df2e3c2b9d208071447bcd76e4e28e4e12dc.tar.bz2 nixlib-10c6df2e3c2b9d208071447bcd76e4e28e4e12dc.tar.lz nixlib-10c6df2e3c2b9d208071447bcd76e4e28e4e12dc.tar.xz nixlib-10c6df2e3c2b9d208071447bcd76e4e28e4e12dc.tar.zst nixlib-10c6df2e3c2b9d208071447bcd76e4e28e4e12dc.zip |
nixos/…/swap.nix: don't create a LUKS header for randomEncryption
Creating and then erasing the key relies on the disk erasing data correctly, and otherwise allows attackers to simply decrypt swap just using "secretkey". We don't actually need a LUKS header, so we can save ourselves some pointless disk writes and identifiability. In addition, I wouldn't have made the awful mistake of backing up my swap partition's LUKS header instead of my zpool's. May my data rest in peace.
-rw-r--r-- | nixos/modules/config/swap.nix | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/nixos/modules/config/swap.nix b/nixos/modules/config/swap.nix index e57ed2565a10..5d47b09ded99 100644 --- a/nixos/modules/config/swap.nix +++ b/nixos/modules/config/swap.nix @@ -149,9 +149,7 @@ in fi ''} ${optionalString sw.randomEncryption '' - echo "secretkey" | cryptsetup luksFormat --batch-mode ${sw.device} - echo "secretkey" | cryptsetup luksOpen ${sw.device} ${sw.deviceName} - cryptsetup luksErase --batch-mode ${sw.device} + cryptsetup open ${sw.device} ${sw.deviceName} --type plain --key-file /dev/urandom mkswap ${sw.realDevice} ''} ''; |