60 lines
1.6 KiB
Markdown
60 lines
1.6 KiB
Markdown
[[!meta title="How to enable encrypted swap in Alpine Linux"]]
|
|
|
|
## TL;DR
|
|
|
|
There is no TL;DR, because it is so easy that any summary would be too
|
|
long.
|
|
|
|
The steps are so simple:
|
|
|
|
### Edit /etc/conf.d/dmcrypt
|
|
|
|
Checkout the samples and enable swap like this:
|
|
|
|
swap=crypt-swap
|
|
source='/dev/nvme0nXXX'
|
|
|
|
(obviously set the correct *source* device)
|
|
|
|
### Start dmcrypt
|
|
|
|
Run
|
|
|
|
/etc/init.d/dmcrypt start
|
|
|
|
### Enable swap
|
|
|
|
swapon /dev/mapper/crypt-swap
|
|
|
|
|
|
### Make it persistent
|
|
|
|
# Enable automatic start of encryption & swap
|
|
rc-update add dmcrypt
|
|
rc-update add swap
|
|
|
|
# Enable automatic swapon
|
|
echo /dev/mapper/crypt-swap swap swap defaults 0 0 >> /etc/fstab
|
|
|
|
## Background
|
|
|
|
Until today I did not know (or care) how to enable swap in Alpine
|
|
Linux. As firefox (sic!) is killing my system more often these days, I
|
|
decided to enable swap using a partition I left for it some years ago.
|
|
|
|
As I did not know how it works, I grep'ed for crypt through
|
|
/etc/init.d, found the dmcrypt init script quickly which references
|
|
/etc/conf.d/dmcrypt. I opened the config file and within minutes my
|
|
encrypted swap was up.
|
|
|
|
Note that above instructions will reset/re-encrypt swap on every boot
|
|
and thus no suspend to disk works with it. That's fine with me, as
|
|
that is not a feature I am ever going to use.
|
|
|
|
The point I need to make is that at the moment there is no single
|
|
other Linux distribution out there that I know off that is allowing me
|
|
to make changes, even those which I don't know yet how to, that easily
|
|
and I want to say many thanks for keeping Alpine Linux as simple as
|
|
other Linux distributions used to be in the 90's.
|
|
|
|
[[!tag alpinelinux security]]
|