How to encrypt swap partition on Ubuntu 14.04 LTS

If you installed Ubuntu 14.04 afresh, and selected home folder encryption, you will also get an encrypted swap partition. However, when the computer boots, you get the following error message:
the disk drive for /dev/mapper/cryptswap1 is not ready yet or not present.

Note that you need to have a proper data backup and make sure you understand what you are doing.

This indicates that Ubuntu cannot find the swap partition and is not able to use it. I am very sure on my system, this partition was /dev/sda10. You can find out with:
$ sudo blkid | grep swap <enter>

To overcome above error or to make sure your swap partition is encrypted, open a terminal window and do the following steps:

Turn off all swap partitions
$ sudo swapoff -a <enter>

Close swap partition if it uses LUKS
$ sudo cryptsetup luksClose /dev/mapper/cryptswap1 <enter>

Turn off swap partition
$ sudo swapoff /dev/mapper/cryptswap1 <enter>

Create and format a LUKS partition for swap on /dev/sda10
$ sudo cryptsetup luksFormat --cipher aes-xts-plain64 --verify-passphrase --key-size 256 /dev/sda10 <enter>

Open the encrypted partition
$ sudo cryptsetup luksOpen /dev/sda10 cryptswap1 <enter>

Make the swap partition on cryptswap1
$ sudo mkswap /dev/mapper/cryptswap1 <enter>

Activate swap partitions
$ sudo swapon --all <enter>

Lists the swap partition information
$ sudo swapon --summary <enter>

$ vi /etc/crypttab <enter>
Insert line cryptswap1 /dev/sda10 none luks
Remark all other lines

Set up hibernation
$ sudo vi /etc/initramfs-tools/conf.d/resume <enter>
Insert line RESUME=/dev/mapper/cryptswap1
Save the file.

$ sudo update-initramfs -u -k all <enter>

Reboot the computer, enter your swap encrypted password and verify the swap partition has been encrypted.

Leave a Reply




Blue Captcha Image


January 2019
« Sep