Trying to set up encrypted swap

Petter Adsen petter at synth.no
Wed Feb 11 07:21:32 UTC 2015 

On Tue, 10 Feb 2015 16:40:17 -0500
John Hupp <ubuntu at prpcompany.com> wrote:

> On 2/9/2015 3:08 AM, Petter Adsen wrote:
> > Hi!
> >
> > I'm trying to set up encrypted swap on my 14.10 machine with
> > "ecryptfs-setup-swap". I have two swap partitions of 4GB each, on
> > separate SSD's. Here's the output:
> >
> > root at fenris:~$ ecryptfs-setup-swap
> >
> > WARNING:
> > An encrypted swap is required to help ensure that encrypted files
> > are not leaked to disk in an unencrypted format.
> >
> > HOWEVER, THE SWAP ENCRYPTION CONFIGURATION PRODUCED BY THIS PROGRAM
> > WILL BREAK HIBERNATE/RESUME ON THIS SYSTEM!
> >
> > NOTE: Your suspend/resume capabilities will not be affected.
> >
> > Do you want to proceed with encrypting your swap? [y/N]: y
> >
> > INFO: Setting up swap: [/dev/sdb2]
> > WARNING: Commented out your unencrypted swap from /etc/fstab
> > INFO: Setting up swap: [/dev/sdc2]
> > WARNING: Commented out your unencrypted swap from /etc/fstab
> > stop: Unknown instance:
> >
> > And then it just sits there. I started this last night, and it's
> > still not finished, doesn't produce any output, and there is no
> > significant load. From what I can see, there's nothing in the logs
> > either.
> >
> > What does the "stop: Unknown instance:" mean? It can't be taking 10+
> > hours to complete, so what do I do? Kill it and start again?
> >
> > I'd really appreciate any advice.
> >
> > Petter
> 
> I have been trying to figure this out also.  Key info at 
> https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1310058 
> and
> https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/953875
> 
> As I understand it to date, one workaround is to patch the 
> ecryptfs-setup-swap script per Comment #3 in bug 1310058, or else to
> run the set of commands provided in the Bug Description on the same
> page to fix up the flawed result of the script.

Thanks, I'll take a look at these. I ended up just killing the script,
and saw that it had indeed modified /etc/fstab correctly and set
up /dev/mapper/cryptswap{1,2} - so I just ran mkswap and swapon, and it
seems to work fine. Haven't rebooted yet, though, so I might get
bitten there :)

Petter

-- 
"I'm ionized"
"Are you sure?"
"I'm positive."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 213 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20150211/b534963e/attachment.sig>

More information about the ubuntu-users mailing list