I have checked on these two questions:

How to check if your home folder and swap partition are encrypted using terminal?

Check if partition is encrypted

They say that you should get output similar to /dev/mapper/cryptswap1: UUID="95f3d64d-6c46-411f-92f7-867e92991fd0" TYPE="swap" from running sudo blkid | grep swap to check if the swap is encrypted. However, when I run it, I get both:

/dev/sda3: UUID="some-id-123" TYPE="swap" PARTUUID="some-id-456"
/dev/mapper/cryptswap1: UUID="some-id-789" TYPE="swap"

When I run sudo cryptsetup status /dev/mapper/cryptswap1 I get the result:

/dev/mapper/cryptswap1 is active and is in use.
type:    PLAIN
cipher:  aes-xts-plain64
keysize: 256 bits
device:  /dev/sda3
offset:  1024 sectors
size:    33213440 sectors
mode:    read/write

Is my swap partition encrypted? If not, what should I do to encrypt it? When I run swapon --show I get this:

NAME      TYPE       SIZE USED PRIO
/dev/dm-0 partition 15,9G   0B   -1

2 Answers

On my 16.04.2 LTS:

w3@aardvark:~(1)$ grep swap /etc/fstab
# swap was on /dev/sda1 during installation
#UUID=339b7a56-3b67-47e8-87e1-f483296a39bd none            swap    sw              0       0
/dev/mapper/cryptswap1 none swap sw 0 0

w3@aardvark:~(0)$ mount | grep /home/$USER
/home/.ecryptfs/w3/.Private on /home/w3 type ecryptfs (rw,nosuid,nodev,relatime,ecryptfs_fnek_sig=e377cfa845240aa1,ecryptfs_sig=5fa903fe1f605483,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs)

This lets me know that my swap is encrypted, and so is my home directory.

Look at your /etc/fstab, and read man fstab.

waltinator
Investigating current swap spaces

The correct way to check which swap spaces are currently in use is either swapon -s or cat /proc/swaps. Your swapon --show happened to result in something similar:

NAME      TYPE       SIZE USED PRIO
/dev/dm-0 partition 15,9G   0B   -1

This shows that /dev/dm-0 is the only swap space in use. /dev/dm-0 is likely equivalent to /dev/mapper/cryptswap1. You can verify this with test /dev/dm-0 -ef /dev/mapper/cryptswap1; echo $? – 0 means equivalent, 1 means different.

Another relevant place to check for swap set-up is /etc/fstab.

Investigating dm-crypt volumes

From the output of cryptsetup status /dev/mapper/cryptswap1 we can see that /dev/mapper/cryptswap1 is backed by /dev/sda3, which is formatted as a swap partition (yet currently unused) according to the blkid output. This appears odd at first, but closer investigation reveals that this is just what blkid guesses from the partition header data. However, cryptswap1 is located at an offset of 1024 sectors (512 KiB) from the start of sda3.

This is a common yet unintuitive way to signal that this partition is used for encrypted swap space. It dates back to the times of MBR partition tables that didn't provide partition labels or IDs. Therefore people resorted to kludges like this to label the partition with a small placeholder header and an offset for the encrypted volume.

Another relevant place to check for dm-crypt set-up is /etc/crypttab.

Conclusion

Yes, your swap partition is encrypted and set up sanely (as far as I can tell) even though the set-up appears a little weird superficially.

David Foerster
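
The checks discussed in the answers above can be scripted. This is an added example, not part of the original question or answers. It reads the active swap list and accepts a device only if it is a device-mapper volume whose DM UUID starts with CRYPT-, the prefix cryptsetup assigns to its mappings. The function names and the fixture in demo are constructed for illustration.

```shell
#!/bin/sh
# dm_crypt_backed DEV [SYSFS]: succeed if DEV is a device-mapper volume whose
# DM UUID starts with "CRYPT-", the prefix cryptsetup gives its mappings.
dm_crypt_backed() {
    real=$(readlink -f "$1" 2>/dev/null) || real=$1
    uuid_file=${2:-/sys}/class/block/${real##*/}/dm/uuid
    [ -r "$uuid_file" ] || return 1          # not a device-mapper volume
    case $(cat "$uuid_file") in CRYPT-*) return 0 ;; *) return 1 ;; esac
}

# swap_report [SWAPS_FILE] [SYSFS]: print "device verdict" per active swap
# space; return 1 unless every one of them sits on dm-crypt.
swap_report() {
    rc=0
    while read -r name type rest; do
        case $name in ''|Filename) continue ;; esac   # blank or header line
        if [ "$type" = file ]; then
            verdict=unknown-swapfile rc=1    # depends on the filesystem below it
        elif dm_crypt_backed "$name" "${2:-/sys}"; then
            verdict=encrypted
        else
            verdict=PLAINTEXT rc=1
        fi
        printf '%s %s\n' "$name" "$verdict"
    done < "${1:-/proc/swaps}"
    return "$rc"
}

# demo: constructed fixture (not captured from a real machine) with the
# question's /dev/dm-0 mapping plus a raw partition as swap for contrast.
demo() {
    d=$(mktemp -d) || return 2
    mkdir -p "$d/class/block/dm-0/dm" "$d/class/block/sda3"
    echo CRYPT-PLAIN-cryptswap1 > "$d/class/block/dm-0/dm/uuid"
    printf '%s\n' 'Filename Type Size Used Priority' \
        '/dev/dm-0 partition 16606716 0 -1' \
        '/dev/sda3 partition 1048572 0 -2' > "$d/swaps"
    swap_report "$d/swaps" "$d"; rc=$?
    rm -rf "$d"; return "$rc"
}

# "--live" checks the running system; without it nothing is executed.
if [ "${1:-}" = --live ]; then swap_report; fi
```

A non-zero exit status from swap_report means at least one active swap space is not on a dm-crypt mapping, or is a swap file whose protection depends on the filesystem underneath it.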