sudo swapon -s
[sudo] password for lingben:
Filename Type Size Used Priority
/dev/mapper/cryptswap1 partition 2084860 0 -1
Swap is currently active.
- /dev/mapper/cryptswap1 : name of device
- type partition (could also be a file)
- size, used, priority : the first two are self-explanatory; priority is used when more than one swap is configured.
Using this command you can see all active swap.
sudo cryptsetup status cryptswap1
/dev/mapper/cryptswap1 is active and is in use.
type: PLAIN
cipher: aes-cbc-essiv:sha256
keysize: 256 bits
device: /dev/sda5
offset: 0 sectors
size: 4169728 sectors
mode: read/write
Cryptsetup is the program used to set up the encrypted swap device. The status command shows the setup details.
- device: /dev/sda5 is the physical drive partition used for setting up logical /dev/mapper/cryptswap1 device.
- cipher: aes-cbc-essiv:sha256 is the algorithm and block mode used to encrypt data.
- keysize: 256 bits is the size of the key
When the system reads/writes to the swap, it actually reads/writes to /dev/sda5 through an encryption layer. If you try to read /dev/sda5 after the computer is shut down, the data on disk looks like garbage.
mount | grep ecryptfs
/home/lingben/.Private on /home/lingben type ecryptfs (ecryptfs_check_dev_ruid,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs,ecryptfs_sig=d69affdbead76df7,ecryptfs_fnek_sig=6a5f4e5546f608ce)
This command shows which ecryptfs filesystem is currently mounted and active.
- /home/lingben/.Private and /home/.ecryptfs/lingben/.Private point to the same location on the drive. That is where your data is stored encrypted.
- /home/lingben is your home directory, where all your data is normally stored. With ecryptfs, your home directory remains empty. You need to unlock your data for ecryptfs to mount your home directory to the right location. Ecryptfs acts as an encryption layer: when the system reads/writes to your home directory /home/lingben, it actually reads/writes to the physical location /home/.ecryptfs/lingben/.Private.
sudo ls -l /home/.ecryptfs/lingben/.Private
total 316
drwxr--r-- 2 lingben lingben 4096 Jul 11 16:45 ECRYPTFS_FNEK_ENCRYPTED.FWZeLotJFjM6nUTmA0MRBLe7p3olaYU2rlVp12tqGu7BUAexK0odLm.ES---
-rw------- 1 lingben lingben 12288 Jul 23 01:38 ECRYPTFS_FNEK_ENCRYPTED.FWZeLotJFjM6nUTmA0MRBLe7p3olaYU2rlVp2eXxX4vZtIaynEe51sXMtU--
-rw-r--r-- 1 lingben lingben 12288 Jul 9 23:24 ECRYPTFS_FNEK_ENCRYPTED.FWZeLotJFjM6nUTmA0MRBLe7p3olaYU2rlVp36OpeUL6fs5.6kc4Cl1E4---
Ecryptfs uses the backing filesystem to store its encrypted data. It looks like regular files and directories, but the real file names and real data are encrypted and useless. Here you can see some limitations of ecryptfs: you have access to some information in clear text, namely permissions, size and date.
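The three outputs explained above can also be checked by script. The following is an added example, not part of the original answer: the function names, the `/swapfile` entry, the `/home/user` paths and the signature value are constructed for illustration.

```shell
#!/bin/sh
# Audit helpers for the three outputs explained above. Each function reads
# command output on stdin, so it can be checked against saved text.

# swapon -s (or /proc/swaps): list swap areas that are not device-mapper nodes.
# A /dev/mapper node may also be plain LVM, so confirm each remaining entry
# with "cryptsetup status <name>".
plain_swaps() {
    awk '$1 != "Filename" && NF >= 5 && $1 !~ /^\/dev\/mapper\// { print $1 }'
}

# cryptsetup status: print the value of one field, e.g. "cipher" or "device".
crypt_field() {
    awk -v k="$1:" '$1 == k { print $2 }'
}

# mount line: print the value of one ecryptfs option, e.g. ecryptfs_cipher.
# The option list is split on "(", ")" and "," into one key=value per line.
ecryptfs_opt() {
    tr '(),' '\n\n\n' | awk -F= -v k="$1" '$1 == k { print $2 }'
}

# Constructed sample input, modelled on the listings on this page.
SAMPLE_SWAPS='Filename Type Size Used Priority
/dev/mapper/cryptswap1 partition 2084860 0 -1
/swapfile file 1048572 0 -2'
SAMPLE_STATUS='/dev/mapper/cryptswap1 is active and is in use.
  type:    PLAIN
  cipher:  aes-cbc-essiv:sha256
  keysize: 256 bits
  device:  /dev/sda5'
SAMPLE_MOUNT='/home/user/.Private on /home/user type ecryptfs (ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_fnek_sig=0123456789abcdef)'

echo "unencrypted swap: $(printf '%s\n' "$SAMPLE_SWAPS" | plain_swaps)"
echo "swap cipher:      $(printf '%s\n' "$SAMPLE_STATUS" | crypt_field cipher)"
echo "home key bytes:   $(printf '%s\n' "$SAMPLE_MOUNT" | ecryptfs_opt ecryptfs_key_bytes)"
```

On a live system, pipe the real commands in instead, for example `sudo swapon -s | plain_swaps`; any path it prints is swap that is written to disk without the encryption layer.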