I encrypted my swap with ecryptfs, but sometimes when I boot during the splash screen it says the swap is not encrypted, then it disappears. How can I check if it is encrypted?
Only my $HOME files are encrypted. What can be done about the information that leaks into system directories like /var/log? To where does it leak? How can I clean them systematically?
Supposing the answer to number 2 is that it leaks a lot, is full HD encryption a better option to solve this? If yes, what free program to use, since ecryptfs does not have this option?
Asked
Active
Viewed 575 times
1
N.N.
- 18,589
Strapakowsky
- 12,304
1 Answers
2
You should really ask one question at a time, instead of 3 together.
You can see your swap partitions with:
cat /proc/swaps
And you can see your device-mapper encrypted swap partition configuration with:
cat /etc/crypttab
As long as all of your swap partitions listed in /proc/swaps are also configured for encryption in /etc/crypttab, you're in good shape.
Home Directory Encryption is only meant to protect the data you store in your home directory, and is intended as a balance among security, usability, and performance. Various bits of system information "leak" (as you say) to /etc (configuration files), /var (varying program information and log files) and /tmp (temporary files). If you want to encrypt all of that, you should use full disk encryption, which you can configure at installation using the Ubuntu Alternate Install media.
Dustin Kirkland
- 14,919