Setup

install and configure:

apt install cryptsetup cryptsetup-bin cryptsetup-initramfs systemd-cryptsetup

swapoff -a

# blank partition header
dd if=/dev/zero of=/dev/sdXY bs=1M count=100  # on HDD
blkdiscard /dev/sdXY                          # on SSD

# /etc/crypttab
wip   /dev/disk/by-id/xxx-partY /dev/urandom plain,cipher=aes-xts-plain64,size=512,discard,tmp=ext4
cswap /dev/disk/by-id/xxx-partZ /dev/urandom plain,cipher=aes-xts-plain64,size=512,discard,swap

# /etc/fstab
/dev/mapper/wip    /mnt/wip  ext4  defaults,user,discard,auto  0 0
/dev/mapper/cswap  none      swap  sw                          0 0

echo RESUME=none > /etc/initramfs-tools/conf.d/resume
update-initramfs -u -k all

disable hybernation:

# /etc/systemd/sleep.conf.d/local-no-hibernate.conf
[Sleep]
AllowHibernation=no
AllowSuspendThenHibernate=no
AllowHybridSleep=no

and reboot shutdown -r 0

Lazy mount fix

If you see wait for device errors in the boot sequece, comment out the line in /etc/fstab then put this in /etc/rc.local:

1 2	[ -e /dev/mapper/wip ] && mount /dev/mapper/wip /mnt/wip \|\| true [ -e /dev/mapper/cswap ] && swapon -p 100 /dev/mapper/cswap \|\| true

About
Alberto Cavalin

💻 GitHub 💼 LinkedIn 📫 e-mail

Blog top 10

Blog top tags

HowTo Tools Linux Reference Ricette Terminal Dev Dolci Torte Ruby Info RaspberryPi Debian Salute Rails Images Audio Salato Networking Android Security Cioccolato Fun SSH Verdure Git TorteSalate Crypt DB Patate Pesce Cibo Creme Formaggio Ricotta Contorni Mandorle Tonno Zucchine