From 13aa7a28d9547c32f487432c5c560c0732c14e1c Mon Sep 17 00:00:00 2001 From: Michel Le Cocq Date: Tue, 23 Jun 2020 09:42:29 +0200 Subject: [PATCH] /// --- encrypt-swap-Ubuntu-20.04.md | 212 ++++++++++++++++++----------------- 1 file changed, 110 insertions(+), 102 deletions(-) diff --git a/encrypt-swap-Ubuntu-20.04.md b/encrypt-swap-Ubuntu-20.04.md index 4ee8fb3..992bb33 100644 --- a/encrypt-swap-Ubuntu-20.04.md +++ b/encrypt-swap-Ubuntu-20.04.md @@ -1,102 +1,110 @@ -## encrypt swap partition - -sources : -* [wiki.archlinux.org - dm-crypt/Swap encryption](https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption#LVM_on_LUKS) -* [help.ubuntu.com - Enable Hibernate With Encrypted Swap](https://help.ubuntu.com/community/EnableHibernateWithEncryptedSwap) - -~~~ -apt-get install ecryptfs-utils -swapoff -a -cryptsetup luksFormat --cipher aes-xts-plain64 --verify-passphrase --key-size 256 /dev/nvme0n1p2 -cryptsetup open /dev/ cryptswap -mkswap /dev/mapper/mkswap /dev/mapper/cryptswap -~~~ - -edit : /etc/default/grub - -~~~ -GRUB_CMDLINE_LINUX_DEFAULT="quiet splash resume=UUUUUUU" -~~~ - -~~~ -update-grub -~~~ - -Now ajust /etc/fstab to use your mapper, replace your encrypt swap device like bellow : - -~~~ -/dev/mapper/cryptswap none swap discard 0 0 -~~~ - -add your encrypt swap device define in /etc/crypttab - -~~~ -cryptswap /dev/nvme0n1p2 none luks -~~~ - -~~~ -swapon -a -~~~ - -Register these changes. - -~~~ -update-initramfs -u -k all -~~~ - -### to be solve - -~~~ -cryptsetup: ERROR: Couln't resolve device rpool/ROOT/ubuntu_... -cryptsetup: WARNING: Couln't determine root device -~~~ - -## disable encrypt swap partition - -* Turn off swap - -~~~ -swapoff /dev/mapper/cryptswap1 -~~~ - -* remove your encrypt swap device define in your /etc/crypttab - -* ajust /etc/fstab to use your real swap partition - -~~~ -/dev/nvme0n1p2 none swap discard 0 0 -~~~ - -* Change your /etc/default/grub GRUB_CMDLINE_LINUX_DEFAULT to - -~~~ -GRUB_CMDLINE_LINUX_DEFAULT="quiet splash resume=/dev/nvme0n1p2" -~~~ - -~~~ -update-grub -~~~ - -* edit /etc/initramfs-tools/conf.d/resume. Replace the existing RESUME line with the following line. - -~~~ -RESUME=/dev/nvme0n1p2 -~~~ - -Register these changes. - -~~~ -update-initramfs -u -k all -~~~ - -* make your partition a swap - -~~~ -mkswap /dev/nvme0n1p2 -~~~ - -* activate swap - -~~~ -swapon -a -~~~ \ No newline at end of file +## encrypt swap partition + +sources : +* [wiki.archlinux.org - dm-crypt/Swap encryption](https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption#LVM_on_LUKS) +* [help.ubuntu.com - Enable Hibernate With Encrypted Swap](https://help.ubuntu.com/community/EnableHibernateWithEncryptedSwap) + +~~~ +apt-get install ecryptfs-utils +swapoff -a +cryptsetup luksFormat --cipher aes-xts-plain64 --verify-passphrase --key-size 256 /dev/nvme0n1p2 +cryptsetup open /dev/ cryptswap +mkswap /dev/mapper/cryptswap +Configure l'espace d'échange (swap) en version 1, taille = 31,1 GiB (33420210176 octets) +pas d'étiquette, UUID=4fd1ffc-6d5b-450a-9737-abf1ffb80b1 +~~~ + +edit : /etc/default/grub + +~~~ +GRUB_CMDLINE_LINUX_DEFAULT="quiet splash resume=UUID=4fd1ffc-6d5b-450a-9737-abf1ffb80b1" +~~~ + +~~~ +update-grub +~~~ + +Now ajust /etc/fstab to use your mapper, replace your encrypt swap device like bellow : + +~~~ +/dev/mapper/cryptswap none swap discard 0 0 +~~~ + +add your encrypt swap device define in /etc/crypttab + +~~~ +cryptswap /dev/nvme0n1p2 none luks +~~~ + +~~~ +swapon -a +~~~ + +/!\ ici faut trouver comment on recupere le blkid de la partition swap + +~~~ +printf "RESUME=UUID=/dev/mapper/cryptswap" | tee /etc/initramfs-tools/conf.d/resume +~~~ + +Register these changes. + +~~~ +update-initramfs -u -k all +~~~ + +### to be solve + +~~~ +cryptsetup: ERROR: Couln't resolve device rpool/ROOT/ubuntu_... +cryptsetup: WARNING: Couln't determine root device +~~~ + +## disable encrypt swap partition + +* Turn off swap + +~~~ +swapoff /dev/mapper/cryptswap1 +~~~ + +* remove your encrypt swap device define in your /etc/crypttab + +* ajust /etc/fstab to use your real swap partition + +~~~ +/dev/nvme0n1p2 none swap discard 0 0 +~~~ + +* Change your /etc/default/grub GRUB_CMDLINE_LINUX_DEFAULT to + +~~~ +GRUB_CMDLINE_LINUX_DEFAULT="quiet splash resume=/dev/nvme0n1p2" +~~~ + +~~~ +update-grub +~~~ + +* edit /etc/initramfs-tools/conf.d/resume. Replace the existing RESUME line with the following line. + +~~~ +RESUME=/dev/nvme0n1p2 +~~~ + +Register these changes. + +~~~ +update-initramfs -u -k all +~~~ + +* make your partition a swap + +~~~ +mkswap /dev/nvme0n1p2 +~~~ + +* activate swap + +~~~ +swapon -a +~~~