diff --git a/encrypt-swap-Ubuntu-20.04.md b/encrypt-swap-Ubuntu-20.04.md index 1f576c2..9dc501d 100644 --- a/encrypt-swap-Ubuntu-20.04.md +++ b/encrypt-swap-Ubuntu-20.04.md @@ -1 +1,92 @@ -Bienvenue sur le Wiki. \ No newline at end of file +## encrypt swap partition + +sources : +* [wiki.archlinux.org - dm-crypt/Swap encryption](https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption#LVM_on_LUKS) +* [help.ubuntu.com - Enable Hibernate With Encrypted Swap](https://help.ubuntu.com/community/EnableHibernateWithEncryptedSwap) + +~~~ +apt-get install ecryptfs-utils +swapoff -a +cryptsetup luksFormat --cipher aes-xts-plain64 --verify-passphrase --key-size 256 /dev/nvme0n1p2 +cryptsetup open /dev/ swapDevice +mkswap /dev/mapper/mkswap /dev/mapper/swapDevice +~~~ + +edit : /etc/default/grub + +~~~ +GRUB_CMDLINE_LINUX_DEFAULT="quiet splash resume=/dev/mapper/swapDevice" +~~~ + +~~~ +update-grub +~~~ + +Now ajust /etc/fstab to use your mapper, replace your encrypt swap device like bellow : + +~~~ +/dev/nvme0n1p2 none swap discard 0 0 +~~~ + +remove your encrypt swap device define in /etc/crypttab + +~~~ +swapDevice /dev/nvme0n1p2 none luks +~~~ + +~~~ +swapon -a +~~~ + +Register these changes. + +~~~ +update-initramfs -u -k all +~~~ + +## disable encrypt swap partition + +* Turn off swap + +~~~ +swapoff /dev/mapper/cryptswap1 +~~~ + +* remove your encrypt swap device define in your /etc/crypttab + +* ajust /etc/fstab to use your real swap partition + +~~~ +/dev/nvme0n1p2 none swap discard 0 0 +~~~ + +* Change your /etc/default/grub GRUB_CMDLINE_LINUX_DEFAULT to + +~~~ +GRUB_CMDLINE_LINUX_DEFAULT="quiet splash resume=/dev/nvme0n1p2" +~~~ + +* edit /etc/initramfs-tools/conf.d/resume. Replace the existing RESUME line with the following line. + +~~~ +RESUME=/dev/nvme0n1p2 +~~~ + +* make your partition a swap + +~~~ +mkswap /dev/nvme0n1p2 +~~~ + +* activate swap + +~~~ +swapon -a +~~~ + +### to be solve + +~~~ +cryptsetup: ERROR: Couln't resolve device rpool/ROOT/ubuntu_... +cryptsetup: WARNING: Couln't determine root device +~~~ \ No newline at end of file