Welcome to the Linux Foundation Forum!
Lab 10.2 Debian 8 don't ask me any password
Santos82h
Posts: 8
Hello
I did the lab 10.2 just as it is explained but when I reboot my Debian 8 it don't ask any password for my swap partition.
This is what I did:
$ cat /proc/swaps
Filename Type Size Used Priority
/dev/sda5 partition 4193776 0 -1
$ sudo swapoff /dev/sda5
$ sudo cryptsetup luksFormat --cipher aes /dev/sda5
$ sudo cryptsetup luksOpen /dev/sda5 swapcrypt
$ sudo mkswap /dev/mapper/swapcrypt
$ sudo swapon /dev/mapper/swapcrypt
$ cat /proc/swaps
Filename Type Size Used Priority
/dev/dm-0 partition 265212 0 -1
$ sudo dmsetup info /dev/dm-0
Name: swapcrypt
State: ACTIVE
Read Ahead: 256
Tables present: LIVE
Open count: 2
Event number: 0
Major, minor: 254, 0
Number of targets: 1
UUID: CRYPT-PLAIN-swapcrypt
$ sudo nano /etc/crypttab
swapcrypt /dev/sda5 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256
$ sudo nano /etc/fstab
/dev/mapper/swapcrypt none swap defaults 0 0
$ sudo reboot
...
$ cat /proc/swaps
Filename Type Size Used Priority
/dev/dm-0 partition 265212 0 -1
$ cat /proc/meminfo | grep Swap
SwapCached: 0 kB
SwapTotal: 265212 kB
SwapFree: 265212 kB
Filename Type Size Used Priority
/dev/sda5 partition 4193776 0 -1
$ sudo swapoff /dev/sda5
$ sudo cryptsetup luksFormat --cipher aes /dev/sda5
$ sudo cryptsetup luksOpen /dev/sda5 swapcrypt
$ sudo mkswap /dev/mapper/swapcrypt
$ sudo swapon /dev/mapper/swapcrypt
$ cat /proc/swaps
Filename Type Size Used Priority
/dev/dm-0 partition 265212 0 -1
$ sudo dmsetup info /dev/dm-0
Name: swapcrypt
State: ACTIVE
Read Ahead: 256
Tables present: LIVE
Open count: 2
Event number: 0
Major, minor: 254, 0
Number of targets: 1
UUID: CRYPT-PLAIN-swapcrypt
$ sudo nano /etc/crypttab
swapcrypt /dev/sda5 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256
$ sudo nano /etc/fstab
/dev/mapper/swapcrypt none swap defaults 0 0
$ sudo reboot
...
$ cat /proc/swaps
Filename Type Size Used Priority
/dev/dm-0 partition 265212 0 -1
$ cat /proc/meminfo | grep Swap
SwapCached: 0 kB
SwapTotal: 265212 kB
SwapFree: 265212 kB
The pass is only asked when I did `sudo cryptsetup luksOpen /dev/sda5 swapcrypt` but no when debian reboot
0
Comments
-
Hi,
What happened in Lab 10.1? Did it work or fail? I ask to know if the exercise is not working for Debian 8 and swap only. There uses to be some small differences between distros. In fact, look at this:
https://wiki.debian.org/TransparentEncryptionForHomeFolder
If you want to encrypt the swap partition too:
sudo apt-get install cryptsetup
sudo ecryptfs-setup-swap
Regards,
Luis.0 -
Hi Luis
Lab 10.1 was fine in debian 8. No problem there.
Also I did
sudo apt-get install cryptsetup
before trying lab 10.1 and 10.2
but ecryptfs-setup-swap not seen work:
$ sudo ecryptfs-setup-swap
sudo: ecryptfs-setup-swap: command not found
$ sudo apt-get install ecryptfs-setup-swap
Leyendo lista de paquetes... Hecho
Creando árbol de dependencias
Leyendo la información de estado... Hecho
E: No se ha podido localizar el paquete ecryptfs-setup-swap
0 -
Hi,
The right package name is ecryptfs-utils. When you don't know the package name you can search here:
https://packages.debian.org
In this case you can search for 'package contents' and ecryptfs-setup-swap. And you will get an output like this:
File Packages
/usr/bin/ecryptfs-setup-swap ecryptfs-utils
So please install the package and try again.
Regards,
Luis.0 -
Hello
now the problem is:
$ sudo ecryptfs-setup-swap
WARNING:
An encrypted swap is required to help ensure that encrypted files are not leaked to disk in an unencrypted format.
HOWEVER, THE SWAP ENCRYPTION CONFIGURATION PRODUCED BY THIS PROGRAM WILL BREAK HIBERNATE/RESUME ON THIS SYSTEM!
NOTE: Your suspend/resume capabilities will not be affected.
Do you want to proceed with encrypting your swap? [y/N]: y
INFO: Setting up swap: [/dev/sda5]
WARNING: Commented out your unencrypted swap from /etc/fstab
swapon: fallo de 'stat': /dev/mapper/cryptswap1): No existe el fichero o el directorio
:___
0 -
Santos82h wrote:Hello
now the problem is:
$ sudo ecryptfs-setup-swap
WARNING:
An encrypted swap is required to help ensure that encrypted files are not leaked to disk in an unencrypted format.
HOWEVER, THE SWAP ENCRYPTION CONFIGURATION PRODUCED BY THIS PROGRAM WILL BREAK HIBERNATE/RESUME ON THIS SYSTEM!
NOTE: Your suspend/resume capabilities will not be affected.
Do you want to proceed with encrypting your swap? [y/N]: y
INFO: Setting up swap: [/dev/sda5]
WARNING: Commented out your unencrypted swap from /etc/fstab
swapon: fallo de 'stat': /dev/mapper/cryptswap1): No existe el fichero o el directorio
:___
sounds like Linux did not want to mount and unecrypted swap partition. Before you encrypt you swap, thoroughly read the manpage for that encryption software and practice on a space swap to allow yourself to break it to learn.
Since the swap you have in /fstab is not encrypted, remove and run sudo ecryptfs-setup-swap again.0 -
Hi,
1) It may be related to an UUID change, as it happened to this guy here:
http://foro.ubuntu-guia.com/Como-hacer-que-LMDE-reconozca-la-SWAP-td3683054.html
2) Or it may be related to a bug:
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/953875
So, please start with 1) and check what you have in /etc/fstab, confirm if the UUID is ok.
Regards,
Luis.0
Categories
- All Categories
- 51 LFX Mentorship
- 104 LFX Mentorship: Linux Kernel
- 576 Linux Foundation IT Professional Programs
- 304 Cloud Engineer IT Professional Program
- 125 Advanced Cloud Engineer IT Professional Program
- 53 DevOps Engineer IT Professional Program
- 61 Cloud Native Developer IT Professional Program
- 5 Express Training Courses
- 5 Express Courses - Discussion Forum
- 2K Training Courses
- 19 LFC110 Class Forum
- 7 LFC131 Class Forum
- 27 LFD102 Class Forum
- 158 LFD103 Class Forum
- 20 LFD121 Class Forum
- 1 LFD137 Class Forum
- 61 LFD201 Class Forum
- 1 LFD210 Class Forum
- LFD210-CN Class Forum
- 1 LFD213 Class Forum - Discontinued
- 128 LFD232 Class Forum
- LFD237 Class Forum
- 23 LFD254 Class Forum
- 611 LFD259 Class Forum
- 105 LFD272 Class Forum
- 1 LFD272-JP クラス フォーラム
- 1 LFD273 Class Forum
- 2 LFS145 Class Forum
- 24 LFS200 Class Forum
- 739 LFS201 Class Forum
- 1 LFS201-JP クラス フォーラム
- 11 LFS203 Class Forum
- 75 LFS207 Class Forum
- 300 LFS211 Class Forum
- 54 LFS216 Class Forum
- 47 LFS241 Class Forum
- 41 LFS242 Class Forum
- 37 LFS243 Class Forum
- 11 LFS244 Class Forum
- 36 LFS250 Class Forum
- 1 LFS250-JP クラス フォーラム
- LFS251 Class Forum
- 141 LFS253 Class Forum
- LFS254 Class Forum
- 1.1K LFS258 Class Forum
- 10 LFS258-JP クラス フォーラム
- 93 LFS260 Class Forum
- 132 LFS261 Class Forum
- 33 LFS262 Class Forum
- 80 LFS263 Class Forum
- 15 LFS264 Class Forum
- 11 LFS266 Class Forum
- 18 LFS267 Class Forum
- 17 LFS268 Class Forum
- 23 LFS269 Class Forum
- 203 LFS272 Class Forum
- 1 LFS272-JP クラス フォーラム
- LFS274 Class Forum
- LFS281 Class Forum
- 236 LFW211 Class Forum
- 172 LFW212 Class Forum
- 7 SKF100 Class Forum
- SKF200 Class Forum
- 903 Hardware
- 219 Drivers
- 74 I/O Devices
- 44 Monitors
- 116 Multimedia
- 209 Networking
- 101 Printers & Scanners
- 85 Storage
- 763 Linux Distributions
- 88 Debian
- 66 Fedora
- 15 Linux Mint
- 13 Mageia
- 24 openSUSE
- 142 Red Hat Enterprise
- 33 Slackware
- 13 SUSE Enterprise
- 357 Ubuntu
- 479 Linux System Administration
- 41 Cloud Computing
- 70 Command Line/Scripting
- Github systems admin projects
- 95 Linux Security
- 78 Network Management
- 108 System Management
- 49 Web Management
- 68 Mobile Computing
- 23 Android
- 30 Development
- 1.2K New to Linux
- 1.1K Getting Started with Linux
- 537 Off Topic
- 131 Introductions
- 217 Small Talk
- 21 Study Material
- 826 Programming and Development
- 278 Kernel Development
- 514 Software Development
- 928 Software
- 260 Applications
- 184 Command Line
- 3 Compiling/Installing
- 76 Games
- 316 Installation
- 61 All In Program
- 61 All In Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)