OpenSSH Wipe Keys from RAM on Suspend
procmem at riseup.net
procmem at riseup.net
Sun Sep 20 09:17:11 AEST 2020
Hi. There is a new cryptsetup feature that is supposed to protect user
data while the PC is in standby. It wipes the key from RAM when sleep
events are triggered. While it protects LUKS, other data and keys loaded
in RAM at the time are still vulnerable to forensic recovery. Can you
please consider adding a sleep key cache wipe feature to OpemSSH?
[1] https://blog.freesources.org//posts/2020/08/cryptsetup-suspend/
More information about the openssh-unix-dev
mailing list