nomad/wiki-system
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Page: encrypt swap Ubuntu 20.04
Pages
Firefox plugins Gimp UHD display PF and Fail2ban on FreeBSD Ubuntu 20.04 encrypt ZFS install Xubuntu UHD display Zpool wrong device name disable encrypt swap partition encrypt swap Ubuntu 20.04 full zfs ecrypt uefi boot trouble preseed ubuntu zfs right fit swap for laptop hibernation Ubuntu 20.04 full ZFS install sleep hibernate xubuntu XPS 13 7390 2 in 1 zfs trouble live boot solution
Clone
36
encrypt swap Ubuntu 20.04
nomad@wund edited this page 2022-02-24 18:54:43 +01:00
Table of Contents

encrypt swap Ubuntu 20.04 with hibernation

prerequisite

  • all command bellow are run has root
  • install ecryptfs
root@laptop:/root# install apt-get install ecryptfs-utils

encrypt swap

  • turn off current swap
root@laptop:/root# swapoff -a
  • encrypt swap partition
root@laptop:/root# cryptsetup luksFormat --cipher aes-xts-plain64 --verify-passphrase --key-size 256 /dev/nvme0n1p2
root@laptop:/root# cryptsetup open /dev/nvme0n1p2 cryptswap
  • set up the crypt partition as swap.
root@laptop:/root# mkswap /dev/mapper/cryptswap
  • ajust /etc/fstab to use your mapper, replace your encrypt swap device like bellow :
/dev/mapper/cryptswap   none   swap   discard   0   0
  • add your encrypt swap device define in /etc/crypttab
cryptswap   /dev/nvme0n1p2		none	luks
  • enable swap
root@laptop:/root# swapon -a
  • edit /etc/initramfs-tools/conf.d/resume. Replace the existing RESUME line with the following line.
root@laptop:/root# printf "RESUME=/dev/mapper/cryptswap" | tee /etc/initramfs-tools/conf.d/resume
  • Register these changes.
root@laptop:/root# update-initramfs -u -k all
  • Change your /etc/default/grub GRUB_CMDLINE_LINUX_DEFAULT to point to remove or be sure there is nothing in resume

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"

root@laptop:/root# update-grub

disable encrypted swap

root@laptop:/root# swapoff -a
root@laptop:/root# cryptsetup close cryptswap
root@laptop:/root# mkswap /dev/nvme0n1p2
root@laptop:/root# printf "RESUME=/dev/nvme0n1p2" | tee /etc/initramfs-tools/conf.d/resume
root@laptop:/root# update-initramfs -u -k all
root@laptop:/root# update-grub
  • ajust /etc/fstab to
/dev/nvme0n1p2  none    swap    discard 0       0
#/dev/mapper/cryptswap  none    swap    discard 0       0
  • check
root@laptop:/root# swapon -a
root@laptop:/root# swapon --summary
Nom de fichier				Type		Taille	Utilisé	Priorité
/dev/nvme0n1p2                         	partition	32653308	0	-2
root@laptop:/root#

to be solve

cryptsetup: ERROR: Couln't resolve device rpool/ROOT/ubuntu_...
cryptsetup: WARNING: Couln't determine root device

- don't work anymore after upgrade form 20.04 to 21.04 on Full ZFS with zfs encrypt and encrypted swap but still work if swap is unencrypted.
- just test it sucessfully again (12.2021) on a 20.04 Full ZFS with zfs unencrypt and encrypted swap.

sources