[Encryption] swap versus partition

thomas.bucaioni

At startup, the password is asked for the partition, but not for the swap. Is it still ok?

coop

please give more details if you are going to post.

thomas.bucaioni

At startup, the system asks for the password for the data partition, but not for the swap partition. Since we are not supposed to access the swap partition manually, I guess there is no reason for the password to be typed in, but I'm asking to be sure I didn't miss something

coop

If the swap partition is not set up to be encrypted, they no password is necessary. You can do this and we have done it in other courses. IF you use a swap file instead of a partition, then it will use the encryption of the filesystem it is on. Note that with SSDs swap files are no longer looked down upon so much instead of partitions, and Ubuntu uses only swap files by default now. Some distros now use zswap which uses compressed memory for swap now (Fedora does this) but it can be a little tricky to set up if it doesn't come out of the box by default.

thomas.bucaioni

The swap I've setup is a file and on a filesystem that is not encrypted... This seems to be why no password is asked at startup. First, I'll retry by encrypting the partition where the swapfile is. But then, I would expect the password to be asked for the whole partition, not the swapfile in particular

thomas.bucaioni

If the swap file is encrypted but on an unencrypted partition, is it still encrypted? It looks like encrypted swap files don't need to be on an encrypted partition to work as expected.
Otherwise, there would be no point in encrypting swap files...

coop

yes it will be encrypted

thomas.bucaioni

Of course... Thank you