Known Bug
There is a bug (see below) that overwrites the UUID
for the partition as soon as data is written to it. Therefore, you cannot use the UUID
to reference the partition to use for encrypted swap.
These days, swap space is hardly ever used. On my machine, swap is only used when I open my 40th tab. When I have no swap, suddenly my computer starts lagging and the browser closes itself. Or in the case of the Chromium
browser, a lot of tabs will suddenly 'die'.
For this reason, referencing /dev/disk/by-uuid/
in your /etc/crypttab
might seem to be working for a while, but as soon as your swap space is actually used, it will overwrite the UUID
because the entire partition is used for encrypted data storage.
Easy Fix
The easy fix is to reference the swap partition by device in your /etc/crypttab
, e.g.:
cryptswap1 /dev/sda5 /dev/urandom swap,cipher=aes-cbc-essiv:sha256
Warning: this is probably safe on a laptop (I use it like this), but if you are on a desktop with swappable drives or have other reasons for changing the drive/partition layout, you don't want to do this, as a normal storage partition might suddenly be used for swap.
Note: You need to reboot for this change to take effect, because only when booting will /dev/mapper/cryptswap1
be created.
Proper Fix
The proper way to fix this is to make sure the part of the raw partition that stores the UUID
is not overwritten by encrypted swap data, so it will still be there on reboot. However, I'm not sure where the UUID
is written and how much bytes it takes up. You could, at your own risk, test it like so:
cryptswap1 UUID=abe3c568-c8fd-4dfb-b8e9-0520d442dd61 /dev/urandom swap,offset=36,cipher=aes-cbc-essiv:sha256
Note the offset=36
.
Please if you have an Ubuntu One account log in and go to Bug #1310058 on Launchpad and choose (or click here): "This bug affects me too" so the bug will gain 'popularity' and is more prone to get fixed.
Update 2014-10-27
I also stumbled upon this. Not verified by me. It looks like offset
trick with more verbosity and comments about rebuilding a broken swap.
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1310058/comments/22
Thanks to your comments, @saiarcot895, on further investigation I have discovered what to do.
I have edited /etc/crypttab
to remove the extra line (there was also an extra line in /etc/fstab
, which I removed), and to replace UUID with the partition reference. Hence:
cryptswap1 /dev/sda6 /dev/urandom swap,cipher=aes-cbc-essiv:sha256
I would still like to know how to replace the partition reference with the UUID, but perhaps that's not possible with an encrypted swap.
EDIT:
As far as I can tell, the UUID of an encrypted partition is unavailable until that partition has been decrypted. I have discovered that in the case of an encrypted swap using a random key each boot, the UUID changes each time. Therefore, the UUID is not useful in specifying which encrypted partition to mount.
This can cause a serious problem with removable disks!
Best Answer
After some more trying and bootups I figured out that this seems to work for me:
NOTE: REPLACE the X in sdaX with YOUR partition-number! UUIDs did not work for me!
Install necessary packages:
Format your partition to SWAP
Add or edit the following line to
/etc/crypttab
:Add or edit the line in
/etc/fstab
:Re-enable swap:
Confirm that swap is enabled:
or check your System Monitor app in the Resources tab.