Friday, September 23, 2011

Modify encrypted swap partition in Ubuntu

If you want to resize, merge, split or move your partitions, you may have to modify your encrypted swap partition too.

If you haven't got it, install GParted to view and manage your partitions.

Before you do anything serious, make a rescue disk on a USB flash drive, and make sure that your computer can boot from it and that you know how to do so.  In Ubuntu, a rescue/recovery disk is actually a full-sized Ubuntu operating system on trial.  You can use it straight from the flash drive, or install Ubuntu onto your hard drive for a dual-boot or pure Ubuntu system.  Just don't install it here; keep using it directly from the flash drive.

The latest Ubuntu releases have GParted installed, but make sure that your thumb drive has it.

I hate to say that you should back up your data before you modify your partitions.  But that's not very practical for most, unless you have a new bigger hard drive, or a huge external drive.  GParted is pretty safe and I lived to tell you the story.

If you didn't set up your swap yourself (I didn't), you can find where it is in the file /etc/fstab.  Look for a line containing the word swap.  A swap partition will be at /dev/sda2 or similar, but identified by the partition's UUID, a globally unique code.  A swap file will typically be at /swapfile.

The size of the swap file or partition will be about one to two times your system RAM.  If you have ample RAM and disk space, the recommended size is equal to your RAM.  But the old-school rule of twice the RAM size doesn't matter.  Now disks are half to one Terrible lot of Bytes.

If you encrypted your swap in particular, you cannot tell from GParted whether it's functional, because there it shows up as an unknown, unmounted partition.  Don't let it fool you.

First, turn off swap:

#swapoff /dev/sda2

for a swap partition or, if you have a swap file:

#swapoff /swapfile

Edit the /etc/fstab file:

#sudo gedit /etc/fstab

and comment out the swap entry.  If your swap isn't encrypted, it will now be a normal partition (after a reboot) and you can do anything you like with it, in GParted for example.  You can delete it, or delete your swap file.

If your swap is encrypted, you will not be able to boot again at this point: you also have to remove the mapper.  You can see in /dev/mapper what the mapped partition is, e.g. cryptswap1.  To remove it:

#dmsetup remove cryptswap1

Without this, your OS cannot boot, even in recovery mode, because the mapper is looking for a swap partition that does not exist or is non-functional one way or another.

To set up the swap partition again, create a partition in GParted if you don't have one already.  Keep it unmounted.  Format it as linux-swap.

In /etc/fstab, uncomment the old swap partition line.  Instead of the UUID, you can just use the device name, /dev/sda2 for example.

You may be able to do:

#swapon /dev/sda2

But if you reboot, you will certainly have the swap partition active.

Now you can use the ecryptfs utility to encrypt the swap again.  You can see your swap in /dev/mapper and the corresponding line added to /etc/fstab.

Remember to comment out the line for the previous swap partition in /etc/fstab.  The ecryptfs utility does not do it for you.
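
A quick consistency check for the steps above, as an added example (not part of the original post): the shell function below lists the active swap lines in an fstab and warns when a /dev/mapper swap line has no matching mapping, or when a plain and a mapped swap line are both active.  The function names and the sample fstab with its UUID are constructed for illustration.

```shell
#!/bin/sh
# Added example: check active swap lines in an fstab against /dev/mapper.
# Prints one finding per line; returns 1 if any WARN was printed.
check_swap_fstab() {
    fstab=${1:-/etc/fstab}
    mapper_dir=${2:-/dev/mapper}
    plain=0; crypt=0; rc=0
    [ -r "$fstab" ] || { echo "ERR  cannot read $fstab"; return 2; }
    # Active (uncommented) lines whose type field (3rd column) is swap.
    entries=$(awk '$1 !~ /^#/ && $3 == "swap" { print $1 }' "$fstab")
    for dev in $entries; do
        case $dev in
            /dev/mapper/*)
                crypt=$((crypt + 1))
                if [ -e "$mapper_dir/${dev#/dev/mapper/}" ]; then
                    echo "OK   $dev is mapped"
                else
                    echo "WARN fstab expects $dev but no such mapping exists"
                    rc=1
                fi ;;
            *)
                plain=$((plain + 1))
                echo "INFO plain swap entry: $dev" ;;
        esac
    done
    if [ "$crypt" -gt 0 ] && [ "$plain" -gt 0 ]; then
        echo "WARN plain and mapped swap lines both active; comment out the plain one"
        rc=1
    fi
    if [ $((crypt + plain)) -eq 0 ]; then echo "INFO no active swap entry"; fi
    return $rc
}

# Constructed sample fstab (hypothetical UUID), mirroring the state described above.
sample_fstab() {
cat <<'EOF'
# constructed sample, not from a real system
UUID=0a1b2c3d-1111-2222-3333-444455556666 / ext4 errors=remount-ro 0 1
/dev/sda2              none swap sw 0 0
#/swapfile             none swap sw 0 0
/dev/mapper/cryptswap1 none swap sw 0 0
EOF
}

# Demo on the sample; on a real system run: check_swap_fstab /etc/fstab /dev/mapper
tmp=$(mktemp -d) && sample_fstab > "$tmp/fstab" && mkdir "$tmp/mapper"
check_swap_fstab "$tmp/fstab" "$tmp/mapper" || true
rm -rf "$tmp"
```

Run it after editing /etc/fstab and before rebooting; any WARN line points at one of the two mistakes described above.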

You can use the system monitor to see how much and how often your swap partition is used.