You are not logged in.
I'm having some issues setting up encrypted swap. I've followed the wiki guide outlined here, but I'm having some issues upon bootup:
Mar 17 10:20:00 HOSTNAME systemd-cryptsetup[320]: Set cipher aes, mode cbc-essiv:sha256, key size 512 bits for device /dev/disk/by-uuid/c7af8dd7-0837-4573-a8d7-e07b20c63c10.
Mar 17 10:20:00 HOSTNAME systemd-cryptsetup[320]: device-mapper: reload ioctl on swap (254:1) failed: Invalid argument
Mar 17 10:20:00 HOSTNAME systemd-cryptsetup[320]: Failed to activate with key file '/dev/urandom': No such device
Here is some information that I think is helpful -- I'm trying to use the 16G partition nvme0n1p2:
$ lsblk -f
NAME FSTYPE FSVER LABEL UUID FSAVAIL FSUSE% MOUNTPOINTS
nvme0n1
├─nvme0n1p1 vfat FAT32 3980-8239 421.3M 16% /boot
├─nvme0n1p2 ext2 1.0 cryptswap c7af8dd7-0837-4573-a8d7-e07b20c63c10
└─nvme0n1p3 crypto_LUKS 2 8914d804-5da0-4cca-98bb-844c11cd4e4f
└─root ext4 1.0 a1ce055f-1570-402a-9d61-d266d70b01c7 417.7G 3% /
Disk /dev/nvme0n1: 1000215216 sectors, 476.9 GiB
Model: MTFDHBA512QFD-1AX1AABHA
Sector size (logical/physical): 512/512 bytes
Disk identifier (GUID): DE1A05D4-77AC-4511-B7C2-773560A82A1E
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 1000215182
Partitions will be aligned on 2048-sector boundaries
Total free space is 2014 sectors (1007.0 KiB)
Number Start (sector) End (sector) Size Code Name
1 2048 1026047 500.0 MiB EF00 EFI system partition
2 1026048 34580479 16.0 GiB 8300 Linux filesystem
3 34580480 1000215182 460.5 GiB 8300 Linux filesystem
Thanks!
Last edited by aqua123 (2022-03-17 17:53:46)
Offline
hm, this method still works for me... also show your /etc/crypttab, /etc/fstab?
which kernel are you using?
Last edited by frostschutz (2022-03-17 17:18:22)
Offline
sudo cat /etc/crypttab
# Configuration for encrypted block devices.
# See crypttab(5) for details.
# NOTE: Do not list your root (/) partition here, it must be set up
# beforehand by the initramfs (/etc/mkinitcpio.conf).
# <name> <device> <password> <options>
swap UUID=c7af8dd7-0837-4573-a8d7-e07b20c63c10 /dev/urandom swap,offset=2048,cipher=aes-cbc-essiv:sha256,size=512
sudo cat /etc/fstab
# Static information about the filesystems.
# See fstab(5) for details.
# <file system> <dir> <type> <options> <dump> <pass>
# /dev/mapper/root
UUID=a1ce055f-1570-402a-9d61-d266d70b01c7 / ext4 rw,relatime 0 1
# /dev/nvme0n1p1
UUID=3980-8239 /boot vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro 0 2
and I am using the latest default linux -- 5.16.14.
Offline
The wiki uses aes-xts-plain64, why did you change it to aes-cbc-essiv:sha256?
If I change mine to aes-cbc-essiv:sha256 it also stops working, might have to remove the size=512 as well, maybe size=256 instead.
You have to provide a working cipherspec. If in doubt, just stick with aes-xts-plain64.
Offline
That seems to have worked. I think the default in crypttab was the aes-cbc-essiv:sha256 - I don't know where else I got that.
But anyway, thank you!
Offline