Randomized Swap

bitcipher · May 7, 2023, 5:35pm

Forgive me if this is already the standard (I haven’t looked into the code), but is the swap space encryption key randomized for each boot?

Back when I used Tails I would activate the internal drive as swap space with a randomized key and it seems like a good feature to have to protect privacy across reboots, if your drive password is ever stolen, or if it’s pulled out under duress.

If it’s not already the standard, is there a place to lodge feature requests?

rustybird · May 7, 2023, 9:19pm

Not yet:

github.com/QubesOS/qubes-issues

Use random encryption key for swap partition

opened 08:27PM - 28 Apr 15 UTC

rustybird

T: enhancement help wanted C: other P: major cryptography

Normally, the disk password entered during the boot process is used to decrypt b…oth the root partition and the swap partition. But if a wrong password is entered initially, subsequent tries prompt separately for the root partition and the swap partion password, i.e. you have to enter the same password twice now. This can be observed by looking at the LUKS UUIDs in the console (after pressing \<ESC\> to leave the plymouth splash screen) or the journal. (Tested on Qubes 3.0 RC1)

But it’s straightforward to set this up if you’re on the Btrfs installation layout. I’ve been using a converter script since Qubes R3.0:

gist.github.com

https://gist.github.com/rustybird/917ac2560fe4e9541d1f

ephemeral_swap

#!/usr/bin/sudo bash
set -xeuo pipefail

# Make a Btrfs layout Qubes R4.1 installation use ephemeral swap.

dev=/dev/sda2
grub_cfg=/boot/grub2/grub.cfg  # BIOS boot
#grub_cfg=/boot/efi/EFI/qubes/grub.cfg  # EFI boot

test -e "$grub_cfg"  # sanity check 1

This file has been truncated. show original

bitcipher · May 7, 2023, 9:27pm

Thank you!

I will be looking at compiling my own Qubes builds moving forward, so might go ahead and just bake the feature in there.