1
I have what I think is a quick question: Is running ecryptfs-setup-swap
on a system that didn't have home-directory or swap encryption enabled when it was installed persistent? The man page at http://manpages.ubuntu.com/manpages/precise/man1/ecryptfs-setup-swap.1.html states that ecryptfs-setup-swap
"will detect existing swap partitions or swap files, and encrypt them, using cryptsetup." I don't understand whether ecryptfs-setup-swap
needs to be run every time the system is booted, or if it just needs to be run once to make a permanent change to how swap space is handled by the system. If the change is permanent, is it permanent for all users on the system, or just the one that runs ecryptfs-setup-swap
(I may be confused about how swap space works in general, I realize)?
To be clear, I do understand that I also need to run ecryptfs-migrate-home
on the system to encrypt the home directory for my user account, and that that change will be persistent. I'm just confused about how swap space is handled.
I would appreciate any information to help me understand better! Thank you!
P.S. A tutorial at http://bodhizazen.net/Tutorials/Ecryptfs states that after using ecryptfs-setup-swap
, "a new entry for your encrypted swap is automatically generated in /etc/fstab , but unfortunately as of this writing ,the old entry is not removed and you must remove it manually (or suffer error messages when you boot)." Is that still true?
Full disclosure: I have also posted this question at https://askubuntu.com/questions/276374/is-ecryptfs-setup-swap-persistent. Once the question is answered either here or there, I will take down the unanswered instance.
Thank you! And thank you for your work on
ecryptfs
! – J L – 2013-04-01T17:03:20.197