Welcome to the Linux Foundation Forum!

Lab 22.2. Encrypted Swap - reverse persistent swap encryption

Setting up an encrypted swap partition (or loop device) is pretty straightforward. The lab continues to make it permanent by editing the /etc/fstab and /etc/crypttab files.

However, the reverse process - that is removing the encrypted swap partition and turning it into a normal swap partition - misses an important step: Removing the /etc/crypttab entry for the swap partition.

The lab should perhaps read as follows:

$ sudo swapoff /dev/mapper/swapcrypt
$ sudo cryptsetup luksClose swapcrypt
$ sudo mkswap /dev/sda11
$ sudo vim /etc/crypttab
Remove or comment out the swap configuration
or:
sudo sed -i '/swap,/d' /etc/crypttab
to delete the swap configuration in the crypttab file
$ sudo vim /etc/fstab
Change the swap configuration to how it was before
$ sudo swapon -a

Comments

Categories

Upcoming Training