From f22a993dc65915ef4c2b13d1d12d2f9a5e6ca0bc Mon Sep 17 00:00:00 2001 From: Michel Le Cocq Date: Tue, 23 Jun 2020 09:59:32 +0200 Subject: [PATCH] --- encrypt-swap-Ubuntu-20.04.md | 174 ++++++++++++----------------------- 1 file changed, 58 insertions(+), 116 deletions(-) diff --git a/encrypt-swap-Ubuntu-20.04.md b/encrypt-swap-Ubuntu-20.04.md index a5bbde0..851b762 100644 --- a/encrypt-swap-Ubuntu-20.04.md +++ b/encrypt-swap-Ubuntu-20.04.md @@ -1,116 +1,58 @@ -## encrypt swap partition - -sources : -* [wiki.archlinux.org - dm-crypt/Swap encryption](https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption#LVM_on_LUKS) -* [help.ubuntu.com - Enable Hibernate With Encrypted Swap](https://help.ubuntu.com/community/EnableHibernateWithEncryptedSwap) - -~~~ -apt-get install ecryptfs-utils -swapoff -a -cryptsetup luksFormat --cipher aes-xts-plain64 --verify-passphrase --key-size 256 /dev/nvme0n1p2 -cryptsetup open /dev/ cryptswap -mkswap /dev/mapper/cryptswap -~~~ - -/!\ le point ci-dessous est sans doute inutile - -* Change your /etc/default/grub GRUB_CMDLINE_LINUX_DEFAULT to remove resume part wich is now manage by initramfs - -~~~ -GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" -~~~ - -~~~ -update-grub -~~~ - -Now ajust /etc/fstab to use your mapper, replace your encrypt swap device like bellow : - -~~~ -/dev/mapper/cryptswap none swap discard 0 0 -~~~ - -add your encrypt swap device define in /etc/crypttab - -~~~ -cryptswap /dev/nvme0n1p2 none luks -~~~ - -~~~ -swapon -a -~~~ - -~~~ -printf "RESUME=UUID=/dev/mapper/cryptswap" | tee /etc/initramfs-tools/conf.d/resume -~~~ - -Register these changes. - -~~~ -update-initramfs -u -k all -~~~ - -### to be solve - -~~~ -cryptsetup: ERROR: Couln't resolve device rpool/ROOT/ubuntu_... -cryptsetup: WARNING: Couln't determine root device -~~~ - -## disable encrypt swap partition - -* Turn off swap - -~~~ -swapoff /dev/mapper/cryptswap1 -~~~ - -* Undo the existing mapping. - -~~~ -cryptsetup luksClose /dev/mapper/cryptswap -~~~ - -* remove your encrypt swap device define in your /etc/crypttab - -* ajust /etc/fstab to use your real swap partition - -~~~ -/dev/nvme0n1p2 none swap discard 0 0 -~~~ - -/!\ le point ci-dessous est sans doute inutile - -* Change your /etc/default/grub GRUB_CMDLINE_LINUX_DEFAULT to point to your real partition - -~~~ -GRUB_CMDLINE_LINUX_DEFAULT="quiet splash resume=/dev/nvme0n1p2" -~~~ - -~~~ -update-grub -~~~ - -* edit /etc/initramfs-tools/conf.d/resume. Replace the existing RESUME line with the following line. - -~~~ -RESUME=/dev/nvme0n1p2 -~~~ - -Register these changes. - -~~~ -update-initramfs -u -k all -~~~ - -* make your partition a swap - -~~~ -mkswap /dev/nvme0n1p2 -~~~ - -* activate swap - -~~~ -swapon -a -~~~ +## encrypt swap partition + +sources : +* [wiki.archlinux.org - dm-crypt/Swap encryption](https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption#LVM_on_LUKS) +* [help.ubuntu.com - Enable Hibernate With Encrypted Swap](https://help.ubuntu.com/community/EnableHibernateWithEncryptedSwap) + +~~~ +apt-get install ecryptfs-utils +swapoff -a +cryptsetup luksFormat --cipher aes-xts-plain64 --verify-passphrase --key-size 256 /dev/nvme0n1p2 +cryptsetup open /dev/ cryptswap +mkswap /dev/mapper/cryptswap +~~~ + +/!\ le point ci-dessous est sans doute inutile + +* Change your /etc/default/grub GRUB_CMDLINE_LINUX_DEFAULT to remove resume part wich is now manage by initramfs + +~~~ +GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" +~~~ + +~~~ +update-grub +~~~ + +Now ajust /etc/fstab to use your mapper, replace your encrypt swap device like bellow : + +~~~ +/dev/mapper/cryptswap none swap discard 0 0 +~~~ + +add your encrypt swap device define in /etc/crypttab + +~~~ +cryptswap /dev/nvme0n1p2 none luks +~~~ + +~~~ +swapon -a +~~~ + +~~~ +printf "RESUME=UUID=/dev/mapper/cryptswap" | tee /etc/initramfs-tools/conf.d/resume +~~~ + +Register these changes. + +~~~ +update-initramfs -u -k all +~~~ + +### to be solve + +~~~ +cryptsetup: ERROR: Couln't resolve device rpool/ROOT/ubuntu_... +cryptsetup: WARNING: Couln't determine root device +~~~ \ No newline at end of file