1
2
I am installing Debian and would like to set up the /swap partition as encrypted.
I am able to select either encrypted physical device or as swap/swap. Are there any methods to create an encrypted /swap partition?
static
Posted 2012-11-12T04:35:03.150
Reputation: 1 087
1
The swap partition can hold a lot of unencrypted confidential information and the fact that it persists after shutting down the computer can be a problem.
Encrypting a swap partition however is slightly tricky if one wants to also support suspend-to-disk (also called hibernation).:
0- Install the cryptsetup package:
apt-get install cryptsetup
1- Setup the encrypted partition as root:
swapoff -a
cryptsetup -h sha256 -c aes-cbc-essiv:sha256 -s 256 luksFormat /dev/hda2
cryptsetup luksOpen /dev/hda2 cswap
mkswap /dev/mapper/cswap
2- Add this line to /etc/crypttab:
cswap /dev/hda2 none swap,luks,timeout=30
3- Set the swap partition to be this in /etc/fstab:
/dev/mapper/cswap none swap sw 0 0
4- Configure uswsusp to use /dev/mapper/cswap and write unencrypted data
dpkg-reconfigure -plow uswsusp
You will of course want to replace /dev/hda2 with the partition that currently holds your unencrypted swap.
swapyonubuntu
Posted 2012-11-12T04:35:03.150
Reputation: 732
1
alternately you can also try this tutorial :http://www.microhowto.info/howto/create_an_encrypted_swap_area.html
– swapyonubuntu – 2012-11-12T07:07:25.430