www.nico.schottelius.org/blog/2024-10-10-how-to-enable-encrypted-swap-in-alpine-linux.mdwn

[[!meta title="How to enable encrypted swap in Alpine Linux"]]

## TL;DR

There is no TL;DR, because it is so easy that any summary would be too
long.

The steps are so simple:

### Edit /etc/conf.d/dmcrypt

Checkout the samples and enable swap like this:

    swap=crypt-swap
    source='/dev/nvme0nXXX'

(obviously set the correct *source* device)

### Start dmcrypt

Run

    /etc/init.d/dmcrypt start

### Enable swap

    swapon /dev/mapper/crypt-swap


### Make it persistent

    # Enable automatic start
    rc-update add dmcrypt

    # Enable automatic swapon
    echo /dev/mapper/crypt-swap swap swap defaults 0 0 >> /etc/fstab

## Background

Until today I did not know (or care) how to enable swap in Alpine
Linux. As firefox (sic!) is killing my system more often these days, I
decided to enable swap using a partition I left for it some years ago.

As I did not know how it works, I grep'ed for crypt through
/etc/init.d, found the dmcrypt init script quickly which references
/etc/conf.d/dmcrypt. I opened the config file and within minutes my
encrypted swap was up.

Note that above instructions will reset/re-encrypt swap on every boot
and thus no suspend to disk works with it. That's fine with me, as
that is not a feature I am ever going to use.

The point I need to make is that at the moment there is no single
other Linux distribution out there that I know off that is allowing me
to make changes, even those which I don't know yet how to, that easily
and I want to say many thanks for keeping Alpine Linux as simple as
other Linux distributions used to be in the 90's.

[[!tag alpinelinux security]]
add new blog entry about encryption 2024-10-10 16:19:55 +09:00			`[[!meta title="How to enable encrypted swap in Alpine Linux"]]`

			`## TL;DR`

			`There is no TL;DR, because it is so easy that any summary would be too`
			`long.`

			`The steps are so simple:`

			`### Edit /etc/conf.d/dmcrypt`

			`Checkout the samples and enable swap like this:`

			`swap=crypt-swap`
			`source='/dev/nvme0nXXX'`

			`(obviously set the correct source device)`

			`### Start dmcrypt`

			`Run`

			`/etc/init.d/dmcrypt start`

			`### Enable swap`

			`swapon /dev/mapper/crypt-swap`


			`### Make it persistent`

			`# Enable automatic start`
			`rc-update add dmcrypt`

			`# Enable automatic swapon`
			`echo /dev/mapper/crypt-swap swap swap defaults 0 0 >> /etc/fstab`

			`## Background`

			`Until today I did not know (or care) how to enable swap in Alpine`
			`Linux. As firefox (sic!) is killing my system more often these days, I`
			`decided to enable swap using a partition I left for it some years ago.`

			`As I did not know how it works, I grep'ed for crypt through`
			`/etc/init.d, found the dmcrypt init script quickly which references`
			`/etc/conf.d/dmcrypt. I opened the config file and within minutes my`
			`encrypted swap was up.`

			`Note that above instructions will reset/re-encrypt swap on every boot`
			`and thus no suspend to disk works with it. That's fine with me, as`
			`that is not a feature I am ever going to use.`

			`The point I need to make is that at the moment there is no single`
			`other Linux distribution out there that I know off that is allowing me`
			`to make changes, even those which I don't know yet how to, that easily`
			`and I want to say many thanks for keeping Alpine Linux as simple as`
			`other Linux distributions used to be in the 90's.`

			`[[!tag alpinelinux security]]`