Results 1 to 10 of 10

Thread: When Will Encrypted Swap Work in Ubuntu Again?

  1. #1
    Join Date
    Mar 2014
    Beans
    31

    Question When Will Encrypted Swap Work in Ubuntu Again?

    Encrypted swap does not work in Ubuntu Trusty, or apparently, any of the Ubuntu flavors. I had an encrypted swap partition under Xubuntu 13.10, and when I upgraded to 14.04, it was no longer recognized or utilized (luckily I made backups with deja-dup, Timeshift and Aptik, so I just rolled back to 13.10). I thought maybe I should revert to using an unencrypted swap partition, so I carefully followed the instructions to 'decrypt' one's swap partition here; http://www.logilab.org/blogentry/29155 and then proceeded to upgrade again. All went well, but when I tried to manually encrypt my swap partition after the upgrade (using "sudo ecryptfs-setup-swap"), it was no longer recognized or utilized just like before, so I rolled back to 13.10 again, and re-encrypted my swap partition (which works perfectly under 13.10). Then I got to thinking that maybe I should start fresh. I de-encrypted my swap partition again, and did a fresh install of Xubuntu 14.04, choosing to erase my previous installation and start from scratch. Everything went well, until I attempted to encrypt my swap partition and reboot. Again, it was not recognized or utilized by Xubuntu. I thought maybe it was a Xubuntu-specific issue, so I de-encrypted my non-working swap partition, made sure it was working as regular swap space, and did a fresh install of plain Ubuntu 14.04, ending up back where I started. Even plain ol' Ubuntu could not recognize or utilize encrypted swap space, only normal swap space. I tried with Kubuntu 14.04 and experienced the same. One of the aforementioned installs was done with 'Encrypt My Home Folder' selected, which also encrypts your swap partition. Even this didn't work (well, my home folder was encrypted, but again, my encrypted swap partition was unusable).

    So, now I'm back on Xubuntu 13.10 again, with a working encrypted swap partition, but I know I'll eventually have to upgrade If I want to continue getting updates. Can anyone tell me if this bug will be fixed? Has anyone else realized that Ubuntu Trusty is incapable of utilizing an encrypted swap partition? This is a serious security issue and I can't believe it has not beed fixed yet.

    TLDR: Encrypted swap partitions are not recognized/utilized by Ubuntu 14.04 and its derivatives, but they work perfectly under 13.10. Whether one chooses to manually encrypt their swap partition after install with ecryptfs, or during install by way of opting to have their home folder encrypted, makes no difference.
    Last edited by taytaybongsong; April 30th, 2014 at 07:28 PM.

  2. #2
    Join Date
    Mar 2014
    Beans
    31

    Re: When Will Encrypted Swap Work in Ubuntu Again?

    It seems that there are at-least a few bug reports about this issue here:
    https://bugs.launchpad.net/ubuntu/+s...s/+bug/1310058
    https://bugs.launchpad.net/ubuntu/+s...y/+bug/1301383
    https://bugs.launchpad.net/ubuntu/+s...ls/+bug/953875
    https://bugs.launchpad.net/ubuntu/+s...y/+bug/1313230
    https://bugs.launchpad.net/ubuntu/+s...y/+bug/1303002

    Yet all the ones effecting Trusty are not marked as being of High importance. Encrypted swap is important to a lot of security-minded users like myself, and is arguably more crucial than encrypted home, in that the contents of encrypted files (in password management applications and the like) can be leaked to disk in human-readable format, if one's swap is unencrypted. Basically, having unencrypted swap space, greatly reduces the effectiveness of having an encrypted home folder. I am not posting this to bump my thread, but simply because this is an issue anyone concerned about privacy and security should be aware of. As it currently stands, if you want or need a swap partition on the latest Ubuntu release, you have but one choice; an unencrypted one.
    Last edited by taytaybongsong; April 30th, 2014 at 09:34 PM.

  3. #3
    Join Date
    Sep 2011
    Beans
    8

    Re: When Will Encrypted Swap Work in Ubuntu Again?

    If I change the UUID into a /dev/sdXY in /etc/crypttab, the swap is again working as it did on 13.10. It looks like the system fails to read the encrypted swap's UUID on boot with 14.04.

  4. #4
    Join Date
    Sep 2011
    Beans
    8

    Re: When Will Encrypted Swap Work in Ubuntu Again?

    At https://bugs.launchpad.net/ubuntu/+s...s/+bug/1310058 comment #3 is a possible fix. Would be nice if users could test his fix. I hope to do so tomorrow.

  5. #5
    Join Date
    Feb 2014
    Beans
    32

    Re: When Will Encrypted Swap Work in Ubuntu Again?

    Ubuntu 14.04.1 is coming soon yet there doesn't seem to be any progress in fixing this bug. I hope with all my might that this bug gets fixed on time.

    https://bugs.launchpad.net/ubuntu/+s...ls/+bug/953875

    That bug should be marked "CRITICAL" not "High".


    I hope that, just maybe, by bumping this thread someone knowledgeable will be see that there is a great need to fix this bug ASAP.

  6. #6
    Join Date
    Nov 2011
    Location
    /dev/root
    Beans
    Hidden!

    Re: When Will Encrypted Swap Work in Ubuntu Again?

    Developers seldom read threads at the Ubuntu Forums. But they read bug reports at Launchpad, and they are often logged in at IRC. You can also make them notice your issue by engaging in iso testing at

    http://iso.qa.ubuntu.com/

  7. #7
    Join Date
    Jun 2008
    Beans
    34

    Re: When Will Encrypted Swap Work in Ubuntu Again?

    I just returned to Ubuntu after a long time in the mostly windows world. I had the option to pursue encryption for /home and full disk and decided to give it a try. It seems like this issue is also plagueing me on Ubuntu-Gnome 14.04.1 Looking forward to a resolution.

  8. #8
    Join Date
    Feb 2014
    Beans
    32

    Re: When Will Encrypted Swap Work in Ubuntu Again?

    Hi myboy. Here is a solution to that bug:

    http://ubuntuforums.org/showthread.php?t=2224129

  9. #9
    Join Date
    Aug 2007
    Location
    Kingsport TN
    Beans
    137
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: When Will Encrypted Swap Work in Ubuntu Again?

    Hi myboy. Here is a solution to that bug:

    http://ubuntuforums.org/showthread.php?t=2224129
    Didn't work for me. After:

    umount /dev/sda2 #(my swap partition)

    I get the error that it's not mounted.

    Then after:

    mkswap /dev/sda2

    I get the error that it's busy.

    So how can my swap partition be unmounted and yet busy at the same time??

    I did find out that during the install even though sda2 was recognized as swap during the install, it wasn't recognized as such when I rebooted from a live CD. I then reformatted it in GRUB then and tried the steps in your link. Still same error message.

  10. #10
    Join Date
    Aug 2007
    Location
    Kingsport TN
    Beans
    137
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: When Will Encrypted Swap Work in Ubuntu Again?

    TLDR: Encrypted swap partitions are not recognized/utilized by Ubuntu 14.04 and its derivatives, but they work perfectly under 13.10. Whether one chooses to manually encrypt their swap partition after install with ecryptfs, or during install by way of opting to have their home folder encrypted, makes no difference.
    Luckily, for me, I have enough RAM so that losing swap is a better option than having an unencrypted swap. The latter of course defeats the purpose of having an encrypted /home directory to begin with. After trying the fix that didn't fix it, I guess I'll await 14.04.2, but it's frustrating that this something that once again this is a feature that used to upgrade flawlessly in Ubuntu that no longer does.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •