Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-08-09 22:42:17 -04:00
Code Issues Projects Releases Packages Wiki Activity

- Wipe LUKS Disk Encryption Key for Root Disk from RAM during Shutdown to defeat Cold Boot Attacks

Browse source 
- Confirm in console output if encrypted mounts (root disk) is unmounted. (Because that is a pre-condition for wiping the LUKS full disk encryption key from RAM.)

Thanks to @friedy10!

https://github.com/friedy10/dracut/tree/master/modules.d/40sdmem

https://forums.whonix.org/t/is-ram-wipe-possible-inside-whonix-cold-boot-attack-defense/5596
This commit is contained in:
Patrick Schleizer 2022-06-29 09:32:55 -04:00
parent adca1ebdf6
commit 38cdf2722b
No known key found for this signature in database
GPG key ID: CB8D50BB77BB3C48
4 changed files with 30 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
usr/lib/dracut/modules.d/40sdmem-security-misc/README.md Normal file
View file

@ -0,0 +1,4 @@
### Make sure sdmem is part of the initramfs
sudo apt-get install secure-delete
sudo dracut --include /usr/bin/sdmem /bin/sdmem --force