ecryptfs-setup-swap

ecryptfs-setup-swap [-f|--force]

This script will detect existing swap partitions or swap files, and encrypt them, using cryptsetup.

Encrypted swap is essential to securing any system using eCryptfs, since decrypted file contents will exist in the system's memory, which may be swapped to disk at any time. If the system swap space is not also encrypted, it is possible that decrypted files could be written to disk in clear text.

Note that most Linux distributions do not yet support resuming from an encrypted swap space, and thus hibernate/resume will not work. Suspend/resume is unaffected.

Upon running the utility, the user will be informed of the hibernate/resume break, and asked to confirm the behavior. The -f|--force option can be used to bypass this interactive prompt.

cryptsetup(8) http://ecryptfs.org/

This manpage and the utility was written by Dustin Kirkland <kirkland@ubuntu.com> for Ubuntu systems (but may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation.

On Debian and Ubuntu systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.