I use Debian Gnome as a host for Whonix. The Debian installer offers the possibility to encrypt the /Home directory (encrypted LVM), but it does not offer the feature to also encrypt the swap area (they should add this feature asap). Is it more secure to also encrypt the swap area? And what about the need for it in case you’ve disabled the suspend-to-disk feature? Will the swap area still be used by the OS or is there still a chance that data will be written to swap?
During the installation of the Debian host the LVM created a swap space. But how do I encrypt it so that on each startup the system generates a random password for the swap space? This is more easier than putting two long passphrases (one for /Home directory and one for swap area).
Any help on this will be much appreciated. Thank you!