Linux Tips

Encrypted Swap on Linux

2019.10.18

Nathan Thompson

Preamble

Linux swap file with encryption

Install EndeavourOS

Add Swap File

Header if needed

Preamble

As a Linux user, I am surprisingly basic with initial drive partitioning. Assuming a single drive, such as in my laptop, I have:

An EFI Boot partition.
Root partition for the installation.

No home, no data, just those two partitions. That's it. Yes, I use swap, but encrypted swap as a file, not a partition. Curious how? Great! Let's dive into how to configure swap as file under my encrypted root partition.

Linux swap file with encryption

Okay, I am an Arch user; well, Arch via EndeavourOS today and formerly an Antergos user before that project shutdown. Just putting that tidbit out there since exact processes can differ between different Linux distributions.

For my laptop, I always encrypt my root partition. Yet, I also use swap. Previously I did not think much about things, I just let the installer handle everything and I would end up with an encrypted root partition for my install and data, but swap was not encrypted as far as I could tell. Thinking it would be wiser to encrypt swap as well, after all your system writes all your data from memory into that area of the drive when it hibernates and in general is constantly writing data to it as your physical memory gets full (depending on the value of your vm swappiness).

Install EndeavourOS

Let's get started by installing EndeavourOS

Add Swap File

Now that we have rebooted the system, we can the swap file.

Body Text.{1}

More text here.{2}

{1} Note from Now Date: Yeah, let's clarify these points baby.

{2} Regular Footnote looks like this.

Header if needed

Closing.