Welcome to the Linux Foundation Forum!
Lab 10.2 Debian 8 don't ask me any password
Santos82h
Posts: 8
Hello
I did the lab 10.2 just as it is explained but when I reboot my Debian 8 it don't ask any password for my swap partition.
This is what I did:
$ cat /proc/swaps
Filename Type Size Used Priority
/dev/sda5 partition 4193776 0 -1
$ sudo swapoff /dev/sda5
$ sudo cryptsetup luksFormat --cipher aes /dev/sda5
$ sudo cryptsetup luksOpen /dev/sda5 swapcrypt
$ sudo mkswap /dev/mapper/swapcrypt
$ sudo swapon /dev/mapper/swapcrypt
$ cat /proc/swaps
Filename Type Size Used Priority
/dev/dm-0 partition 265212 0 -1
$ sudo dmsetup info /dev/dm-0
Name: swapcrypt
State: ACTIVE
Read Ahead: 256
Tables present: LIVE
Open count: 2
Event number: 0
Major, minor: 254, 0
Number of targets: 1
UUID: CRYPT-PLAIN-swapcrypt
$ sudo nano /etc/crypttab
swapcrypt /dev/sda5 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256
$ sudo nano /etc/fstab
/dev/mapper/swapcrypt none swap defaults 0 0
$ sudo reboot
...
$ cat /proc/swaps
Filename Type Size Used Priority
/dev/dm-0 partition 265212 0 -1
$ cat /proc/meminfo | grep Swap
SwapCached: 0 kB
SwapTotal: 265212 kB
SwapFree: 265212 kB
Filename Type Size Used Priority
/dev/sda5 partition 4193776 0 -1
$ sudo swapoff /dev/sda5
$ sudo cryptsetup luksFormat --cipher aes /dev/sda5
$ sudo cryptsetup luksOpen /dev/sda5 swapcrypt
$ sudo mkswap /dev/mapper/swapcrypt
$ sudo swapon /dev/mapper/swapcrypt
$ cat /proc/swaps
Filename Type Size Used Priority
/dev/dm-0 partition 265212 0 -1
$ sudo dmsetup info /dev/dm-0
Name: swapcrypt
State: ACTIVE
Read Ahead: 256
Tables present: LIVE
Open count: 2
Event number: 0
Major, minor: 254, 0
Number of targets: 1
UUID: CRYPT-PLAIN-swapcrypt
$ sudo nano /etc/crypttab
swapcrypt /dev/sda5 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256
$ sudo nano /etc/fstab
/dev/mapper/swapcrypt none swap defaults 0 0
$ sudo reboot
...
$ cat /proc/swaps
Filename Type Size Used Priority
/dev/dm-0 partition 265212 0 -1
$ cat /proc/meminfo | grep Swap
SwapCached: 0 kB
SwapTotal: 265212 kB
SwapFree: 265212 kB
The pass is only asked when I did `sudo cryptsetup luksOpen /dev/sda5 swapcrypt` but no when debian reboot
0
Comments
-
Hi,
What happened in Lab 10.1? Did it work or fail? I ask to know if the exercise is not working for Debian 8 and swap only. There uses to be some small differences between distros. In fact, look at this:
https://wiki.debian.org/TransparentEncryptionForHomeFolder
If you want to encrypt the swap partition too:
sudo apt-get install cryptsetup
sudo ecryptfs-setup-swap
Regards,
Luis.0 -
Hi Luis
Lab 10.1 was fine in debian 8. No problem there.
Also I did
sudo apt-get install cryptsetup
before trying lab 10.1 and 10.2
but ecryptfs-setup-swap not seen work:
$ sudo ecryptfs-setup-swap
sudo: ecryptfs-setup-swap: command not found
$ sudo apt-get install ecryptfs-setup-swap
Leyendo lista de paquetes... Hecho
Creando árbol de dependencias
Leyendo la información de estado... Hecho
E: No se ha podido localizar el paquete ecryptfs-setup-swap
0 -
Hi,
The right package name is ecryptfs-utils. When you don't know the package name you can search here:
https://packages.debian.org
In this case you can search for 'package contents' and ecryptfs-setup-swap. And you will get an output like this:
File Packages
/usr/bin/ecryptfs-setup-swap ecryptfs-utils
So please install the package and try again.
Regards,
Luis.0 -
Hello
now the problem is:
$ sudo ecryptfs-setup-swap
WARNING:
An encrypted swap is required to help ensure that encrypted files are not leaked to disk in an unencrypted format.
HOWEVER, THE SWAP ENCRYPTION CONFIGURATION PRODUCED BY THIS PROGRAM WILL BREAK HIBERNATE/RESUME ON THIS SYSTEM!
NOTE: Your suspend/resume capabilities will not be affected.
Do you want to proceed with encrypting your swap? [y/N]: y
INFO: Setting up swap: [/dev/sda5]
WARNING: Commented out your unencrypted swap from /etc/fstab
swapon: fallo de 'stat': /dev/mapper/cryptswap1): No existe el fichero o el directorio
:___
0 -
Santos82h wrote:Hello
now the problem is:
$ sudo ecryptfs-setup-swap
WARNING:
An encrypted swap is required to help ensure that encrypted files are not leaked to disk in an unencrypted format.
HOWEVER, THE SWAP ENCRYPTION CONFIGURATION PRODUCED BY THIS PROGRAM WILL BREAK HIBERNATE/RESUME ON THIS SYSTEM!
NOTE: Your suspend/resume capabilities will not be affected.
Do you want to proceed with encrypting your swap? [y/N]: y
INFO: Setting up swap: [/dev/sda5]
WARNING: Commented out your unencrypted swap from /etc/fstab
swapon: fallo de 'stat': /dev/mapper/cryptswap1): No existe el fichero o el directorio
:___
sounds like Linux did not want to mount and unecrypted swap partition. Before you encrypt you swap, thoroughly read the manpage for that encryption software and practice on a space swap to allow yourself to break it to learn.
Since the swap you have in /fstab is not encrypted, remove and run sudo ecryptfs-setup-swap again.0 -
Hi,
1) It may be related to an UUID change, as it happened to this guy here:
http://foro.ubuntu-guia.com/Como-hacer-que-LMDE-reconozca-la-SWAP-td3683054.html
2) Or it may be related to a bug:
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/953875
So, please start with 1) and check what you have in /etc/fstab, confirm if the UUID is ok.
Regards,
Luis.0
Categories
- 8.8K All Categories
- 12 LFX Mentorship
- 65 LFX Mentorship: Linux Kernel
- 356 Linux Foundation Boot Camps
- 226 Cloud Engineer Boot Camp
- 69 Advanced Cloud Engineer Boot Camp
- 23 DevOps Engineer Boot Camp
- 5 Cloud Native Developer Boot Camp
- 724 Training Courses
- 14 LFC110 Class Forum
- 16 LFD102 Class Forum
- 96 LFD103 Class Forum
- 2 LFD121 Class Forum
- 55 LFD201 Class Forum
- 1 LFD213 Class Forum - Discontinued
- 128 LFD232 Class Forum
- 14 LFD254 Class Forum
- 420 LFD259 Class Forum
- 78 LFD272 Class Forum
- 1 LFD272-JP クラス フォーラム
- 15 LFS200 Class Forum
- 683 LFS201 Class Forum
- LFS201-JP クラス フォーラム
- 271 LFS211 Class Forum
- 50 LFS216 Class Forum
- 23 LFS241 Class Forum
- 26 LFS242 Class Forum
- 18 LFS243 Class Forum
- 4 LFS244 Class Forum
- 7 LFS250 Class Forum
- LFS250-JP クラス フォーラム
- 103 LFS253 Class Forum
- 753 LFS258 Class Forum
- 7 LFS258-JP クラス フォーラム
- 48 LFS260 Class Forum
- 74 LFS261 Class Forum
- 6 LFS262 Class Forum
- 76 LFS263 Class Forum
- 14 LFS264 Class Forum
- 10 LFS266 Class Forum
- 8 LFS267 Class Forum
- 8 LFS268 Class Forum
- 4 LFS269 Class Forum
- 173 LFS272 Class Forum
- 1 LFS272-JP クラス フォーラム
- 184 LFW211 Class Forum
- 99 LFW212 Class Forum
- 875 Hardware
- 204 Drivers
- 74 I/O Devices
- 43 Monitors
- 115 Multimedia
- 204 Networking
- 98 Printers & Scanners
- 82 Storage
- 716 Linux Distributions
- 78 Debian
- 64 Fedora
- 12 Linux Mint
- 13 Mageia
- 22 openSUSE
- 125 Red Hat Enterprise
- 33 Slackware
- 13 SUSE Enterprise
- 344 Ubuntu
- 445 Linux System Administration
- 33 Cloud Computing
- 63 Command Line/Scripting
- Github systems admin projects
- 88 Linux Security
- 73 Network Management
- 105 System Management
- 45 Web Management
- 50 Mobile Computing
- 18 Android
- 19 Development
- 1.2K New to Linux
- 1.1K Getting Started with Linux
- 499 Off Topic
- 119 Introductions
- 193 Small Talk
- 19 Study Material
- 742 Programming and Development
- 237 Kernel Development
- 471 Software Development
- 898 Software
- 244 Applications
- 178 Command Line
- 2 Compiling/Installing
- 72 Games
- 313 Installation
- 19 All In Program
- 19 All In Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)