un peut de mise en page / ajout descriptifs
parent
c6ab075879
commit
3c1eaed54c
|
|
@ -1,42 +1,60 @@
|
||||||
|
# encrypt swap Ubuntu 20.04 with hibernation
|
||||||
|
|
||||||
## prerequisite
|
## prerequisite
|
||||||
|
|
||||||
* all command bellow are run has root
|
* all command bellow are run has root
|
||||||
|
* install ecryptfs
|
||||||
## encrypt swap partition
|
|
||||||
|
~~~
|
||||||
sources :
|
install apt-get install ecryptfs-utils
|
||||||
* [wiki.archlinux.org - dm-crypt/Swap encryption](https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption#LVM_on_LUKS)
|
~~~
|
||||||
* [help.ubuntu.com - Enable Hibernate With Encrypted Swap](https://help.ubuntu.com/community/EnableHibernateWithEncryptedSwap)
|
|
||||||
|
## encrypt swap
|
||||||
|
|
||||||
|
* turn off current swap
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
apt-get install ecryptfs-utils
|
|
||||||
swapoff -a
|
swapoff -a
|
||||||
|
~~~
|
||||||
|
|
||||||
|
* encrypt swap partition
|
||||||
|
|
||||||
|
~~~
|
||||||
cryptsetup luksFormat --cipher aes-xts-plain64 --verify-passphrase --key-size 256 /dev/nvme0n1p2
|
cryptsetup luksFormat --cipher aes-xts-plain64 --verify-passphrase --key-size 256 /dev/nvme0n1p2
|
||||||
cryptsetup open /dev/nvme0n1p2 cryptswap
|
cryptsetup open /dev/nvme0n1p2 cryptswap
|
||||||
|
~~~
|
||||||
|
|
||||||
|
* set up the crypt partition as swap.
|
||||||
|
|
||||||
|
~~~
|
||||||
mkswap /dev/mapper/cryptswap
|
mkswap /dev/mapper/cryptswap
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
Now ajust /etc/fstab to use your mapper, replace your encrypt swap device like bellow :
|
* ajust /etc/fstab to use your mapper, replace your encrypt swap device like bellow :
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
/dev/mapper/cryptswap none swap discard 0 0
|
/dev/mapper/cryptswap none swap discard 0 0
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
add your encrypt swap device define in /etc/crypttab
|
* add your encrypt swap device define in /etc/crypttab
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
cryptswap /dev/nvme0n1p2 none luks
|
cryptswap /dev/nvme0n1p2 none luks
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
|
* enable swap
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
swapon -a
|
swapon -a
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
|
* edit /etc/initramfs-tools/conf.d/resume. Replace the existing RESUME line with the following line.
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
printf "RESUME=UUID=/dev/mapper/cryptswap" | tee /etc/initramfs-tools/conf.d/resume
|
printf "RESUME=UUID=/dev/mapper/cryptswap" | tee /etc/initramfs-tools/conf.d/resume
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
Register these changes.
|
* Register these changes.
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
update-initramfs -u -k all
|
update-initramfs -u -k all
|
||||||
|
|
@ -48,3 +66,7 @@ update-initramfs -u -k all
|
||||||
cryptsetup: ERROR: Couln't resolve device rpool/ROOT/ubuntu_...
|
cryptsetup: ERROR: Couln't resolve device rpool/ROOT/ubuntu_...
|
||||||
cryptsetup: WARNING: Couln't determine root device
|
cryptsetup: WARNING: Couln't determine root device
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
|
## sources
|
||||||
|
* [wiki.archlinux.org - dm-crypt/Swap encryption](https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption#LVM_on_LUKS)
|
||||||
|
* [help.ubuntu.com - Enable Hibernate With Encrypted Swap](https://help.ubuntu.com/community/EnableHibernateWithEncryptedSwap)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue