How do I create a randomly encrypted swap partition when doing a clean install of 14.04.1?
This option was available in the text-based partman in 12.04, but I can't find it in the graphical partition editor in the 14.04.1 installer.
My goal is three partitions: /boot, swap (random-key encrypted), / (passphrase encrypted).
Thanks!
Thank you, liquidat. That was not quite what I was looking for, but it did help me figure it out. Here is what I did, which seems to have worked:
At installation, set up three partitions:
/dev/sda1: 512 Mb Ext2, mapped to /boot./dev/sda2: 4096 Mb unused partition, of type Linux (0x83)./dev/sda3: Remaining space encrypted Ext4, mapped to / (file system root).This installed Ubuntu without a swap space. After installation, I followed the instructions from Encrypted Swap Partition for 14.04 to install a randomly encrypted swap partition in /dev/sda2. I modified the commands slightly to follow the example from my 12.04 installation:
$ sudo cryptsetup -d /dev/urandom create sda2_crypt /dev/sda2
$ sudo mkswap -f /dev/mapper/sda2_crypt
Add/edit the following line to /etc/crypttab:
sda2_crypt /dev/sda2 /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,swap
Add/edit the line in /etc/fstab:
/dev/mapper/sda2_crypt none swap sw 0 0
As far as I know, this is not possible during installation with the help of the GUI tools. You need to change to console during installation, or enable encryption afterwards. There is a how-to, even respecting hibernation if you want, at Enable Hibernate With Encrypted Swap.
